Fedora Update for curl FEDORA-2011-8586

Check for the Version of curl OpenVAS Vulnerability Test Fedora Update for curl FEDORA-2011-8586 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

Database of China Foreign Affairs Experts Left Wide Open

A U.S. security expert has uncovered data on more than 10,000 job applicants for positions with China’s State Administration of Foreign Experts Affairs, including user names and passwords that could be used to gain access to other sensitive government systems. The discovery by Dillon Beresford, a...

SSH password weakness

Added: 01/05/2011 CVE: CVE-1999-0502 Background Passwords are the most commonly used method of authenticating users to a server. The combination of a login name and password is used to verify the identity of a user requesting access, and to determine what parts of the server the user has permissi...

SSH password weakness

Added: 01/05/2011 CVE: CVE-1999-0502 Background Passwords are the most commonly used method of authenticating users to a server. The combination of a login name and password is used to verify the identity of a user requesting access, and to determine what parts of the server the user has permissi...

Mac OS X AFP Server绕过口令验证漏洞

BUGTRAQ ID: 43341 CVECAN ID: CVE-2010-1820 Mac OS X是苹果家族机器所使用的操作系统。 Mac OS X的AFP Server服务器中存在绕过口令验证漏洞，用户只需知道目标机器上的账号就可以访问AFP共享的文件夹。 Apple Mac OS X 10.6.4 Apple MacOS X Server 10.6.4 厂商补丁： Apple ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.apple.com/support/downloads/...

RedHat JBoss Enterprise Application Platform JMX Console Authentication Bypass

Added: 06/07/2010 CVE: CVE-2010-0738 BID: 39710 OSVDB: 64171 Background JBoss Application Server AS is a full-featured open source Java application server that includes full support for J2EE-based APIs. JBoss AS runs on numerous operating systems e.g., Linux, FreeBSD, Mac OS X, and Microsoft...

Adobe ColdFusion 'cfadminUserId' XSS (APSB10-11)

The version of Adobe ColdFusion running on the remote host is affected by a cross-site scripting vulnerability in the administrative web interface. Input to the 'cfadminUserId' parameter of '/CFIDE/administrator/login.cfm' is not properly sanitized. This vulnerability is present when the 'Separat...

CVE-2010-0401

OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service daemon crash by sending a company password packet...

Changing system locale means users with non-ASCII characters in their passwords cannot authenticate

The OSUser and Atlassian-User authenticators used by Confluence convert a password into bytes before hashing it. This conversion doesn't specify which encoding should be used, so the system's default encoding is used. If the system administrator changes the locale settings on the server or change...

Changing system locale means users with non-ASCII characters in their passwords cannot authenticate

The OSUser and Atlassian-User authenticators used by Confluence convert a password into bytes before hashing it. This conversion doesn't specify which encoding should be used, so the system's default encoding is used. If the system administrator changes the locale settings on the server or change...

Speed up,Butler BA SQL Server account Set Password of the PJ method-vulnerability warning-the black bar safety net

Generally refers to the use of SQL Server password authentication mode, the sa or admin user password forget. First, open the Registry Editor,“run”, enter regedit findHKEYLOCALMACHINE\\SOFTWARE\\MICROSOFT\\MSSQLSERVER\\MSSQLSERVER, This item which has a key value LoginMode, now the value is 1,...

CVE-2009-4128

GNU GRand Unified Bootloader GRUB 2 1.97 only compares the submitted portion of a password with the actual password, which makes it easier for physically proximate attackers to conduct brute force attacks and bypass authentication by submitting a password whose length is 1...

CVE-2009-2836

CVE-2009-2836 : A race condition in the Login Window of Apple Mac OS X 10.6.x before 10.6.2 can let an attacker bypass password authentication and obtain login access to an arbitrary account when at least one account has a blank password. The issue is locally exploitable and the vectors are unspe...

CVS File Existence Information Disclosure (CVE-2004-0788)

Concurrent Versions System CVS is an open-source network-transparent version control system. CVS itself does not listen for, or accept network connections. To implement remote repository access, it can be installed as an inetd service, or invoked with the rsh/ssh command. Data between the server...

Mandriva Update for postgresql MDKSA-2007:188 (postgresql)

Check for the Version of postgresql OpenVAS Vulnerability Test Mandriva Update for postgresql MDKSA-2007:188 postgresql Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

Manual crack fast flash reduction-vulnerability warning-the black bar safety net

Information source: evil octal information security team www.eviloctal.com） Article author: monsterok（monster） Go to the cafe Internet, I downloaded a half-day things, can let I accidentally put the computer the power to kick, because the cafe machine is installed restore, reboot after everything...

USN-670-1: VMBuilder vulnerability

Mathias Gug discovered that vm-builder improperly set the root password when creating virtual machines. An attacker could exploit this to gain root privileges to the virtual machine by using a predictable password. This vulnerability only affects virtual machines created with vm-builder under...

Design/Logic Flaw

Windows Mobile 6 on the HTC Hermes device makes WLAN passwords available to an auto-completion mechanism for the password input field, which allows physically proximate attackers to bypass password authentication and obtain WLAN access...

CVE-2008-3610

Race condition in Login Window in Apple Mac OS X 10.5 through 10.5.4, when a blank-password account is enabled, allows attackers to bypass password authentication and login to any account via multiple attempts to login to the blank-password account, followed by selection of an arbitrary account...

CVE-2008-3610

Race condition in Login Window in Apple Mac OS X 10.5 through 10.5.4, when a blank-password account is enabled, allows attackers to bypass password authentication and login to any account via multiple attempts to login to the blank-password account, followed by selection of an arbitrary account...