Lucene search
511 matches found

Tenable Nessus
added 2016/05/05 12:00 a.m., 33 views

Symantec Messaging Gateway 10.x < 10.6.1 Management Console Multiple Vulnerabilities (SYM16-005)

According to its self-reported version number, the Symantec Messaging Gateway (SMG) running on the remote host is 10.x prior to 10.6.1. It is, therefore, affected by multiple vulnerabilities: - A privilege escalation vulnerability exists in the SMG management console due to AD password information...

CVSS: 8.2 | AI score: 7.8 | EPSS: 0.29571
Exploits: 6 | References: 3
Tenable Nessus
added 2016/01/05 12:00 a.m., 130 views

SMB Password Encryption Not Required

The remote SMB server does not require password encryption. This allows clients to send cleartext passwords over the network. # (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(87734); script_version("$Revision: 1.1 $"); script_cvs_date("$Date: 2016/01/05 18:44:51 $");...

AI score: 5.5
Exploits: 0
BDU FSTEC
added 2015/12/18 12:00 a.m., 1 view

The vulnerability of the RSView32 SCADA system, which allows an intruder to gain access to the SCADA system

The vulnerability of the password encryption algorithm used in SCADA systems like RSView32 is related to errors in the encryption algorithm itself. Exploiting this vulnerability could allow an intruder to gain access to the SCADA system and make unauthorized changes to the controlled technologica...

CVSS: 6 | EPSS: 0.00007
Exploits: 0 | References: 3
Cvelist
added 2015/10/04 1:00 a.m., 22 views

CVE-2015-1934

IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX002, and 7.6.0 before 7.6.0.1 IFIX001; Maximo Asset Management 7.5.x before 7.5.0.8 IFIX002 and 7.6.0 before 7.6.0.1 IFIX001 for SmartCloud Control Desk; and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli ...

AI score: 6.5 | EPSS: 0.00236
Exploits: 0 | References: 1
CVE
added 2015/10/04 1:00 a.m., 51 views

CVE-2015-1934

CVE-2015-1934 affects IBM Maximo Asset Management and related products. The root issue is weak encryption of passwords, allowing context-dependent attackers with access to a password file to obtain cleartext passwords. Affected versions include Maximo Asset Management 7.1–7.1.1.13, 7.5.x before 7...

CVSS: 5 | AI score: 6.6 | EPSS: 0.00236
Exploits: 0 | References: 1 | Affected Software: 13
seebug.org
added 2015/09/14 12:00 a.m., 37 views

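PageAdmin v3.0 /e/database/v3.mdb database disclosure

PageAdmin CMS V3.0: the default database path is "/e/database/v3.mdb" and the default admin back-end path is "/e/master/login.aspx". Because access to the database path is not restricted, the database can be downloaded. By reversing the administrator MD5 encryption algorithm, the MD5 ciphertext is obtained, and the administrator password can be cracked from that ciphertext. A non-standard MD5 encryption was found, so ILSpy was used to decompile the source code and inspect the encryption method: public string GetMd5(string s) { MD5 mD = new MD5CryptoServiceProvider(); Encoding encoding = Encoding.GetEncoding("UTF-8"); string s2 =...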

AI score: 7.1
Exploits: 0
seebug.org
added 2015/08/31 12:00 a.m., 31 views

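ESPCMS latest version admin back-end login bypass

Brief description: 8.25, V6.4.15.08.25, a bug that was missed. Details: In the encryption algorithm, under normal circumstances we can no longer recover the key. They added this piece of code: function eccode($string, $operation = 'DECODE', $key = '@LFK24s224%@safS3s%1f%', $mcrype = true) { $result = null; if ($operation == 'ENCODE') { if (extension_loaded('mcrypt') && $mcrype) { $result = $this->encryptCookie($string, $key); } else...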

AI score: 7.2
Exploits: 0
Friends Of PHP
added 2015/03/20 7:29 p.m., 10 views

SS-2016-008: Password encryption salt expiry

More info at https://www.silverstripe.org/download/security-releases/ss-2016-008/...

AI score: 7.2
Exploits: 0 | Affected Software: 1
Packet Storm
added 2015/03/08 12:00 a.m., 23 views

Untangle NGFW 9 / 10 / 11 XSS / Code Execution

Multiple issues have been discovered in the Untangle NGFW virtual appliance. The vendor was unresponsive and uncooperative to the researcher. - Persistent XSS leading to root (authentication required; confirmed in versions 9 and 11 up to rev r39357). Throughout the Untangle user interface there are...

AI score: 0.1
Exploits: 0
seebug.org
added 2015/03/03 12:00 a.m., 31 views

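mcms latest version: injection via any field of any table + add administrator + arbitrary data deletion

Brief description: mcms latest version: injection via any field of any table + add administrator + arbitrary data deletion. Details: A couple of days ago I reported two vulnerabilities on wooyun; they were confirmed and fixed within a day and a new version was released, so I went to the official site and downloaded the latest one (v3.1.1.enterprise) to take a look and learn from it. Issue 1: injection via any field of any table. One injection point: POST /app/user/info.php?m=save&ajax=1. The POST data contains a parameter modelname, which is concatenated with the table prefix (TBPRE) to form the name of the table to operate on. modelname is not filtered when it is read, so injection is possible in the table name, and of course any field of any table can be used for the injection...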

AI score: 7.1
Exploits: 0
CNVD
added 2015/02/21 12:00 a.m., 2 views

Siemens SIMATIC STEP 7 Sensitive Information Disclosure Vulnerability

Siemens SIMATIC is an automation software with a single engineering environment. A sensitive information disclosure vulnerability exists in Siemens SIMATIC STEP 7, which allows attackers to exploit the vulnerability to gain access to sensitive information due to the use of an insecure hash...

CVSS: 2.1 | AI score: 6.5 | EPSS: 0.00056
Exploits: 0 | References: 1
ICS
added 2015/02/12 7:00 a.m., 66 views

Rockwell Automation RSView32 Weak Encryption Algorithm on Passwords

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on May 12, 2015, and is being released to the NCCIC/ICS-CERT web site. Rockwell Automation has produced a patch to mitigate a password encryption vulnerability in RSView32. Information Security Analysts Vladimir...

CVSS: 4.9 | AI score: 6.1 | EPSS: 0.00007
Exploits: 0 | References: 10
Tenable Nessus
added 2014/11/13 12:00 a.m., 28 views

openSUSE Security Update : pidgin (openSUSE-SU-2014:1397-1)

Update to version 2.10.10 : + General : - Check the basic constraints extension when validating SSL/TLS certificates. This fixes a security hole that allowed a malicious man-in-the-middle to impersonate an IM server or any other https endpoint. This affected both the NSS and GnuTLS plugins...

CVSS: 6.4 | AI score: 7.4 | EPSS: 0.02136
Exploits: 0 | References: 12
seebug.org
added 2014/07/01 12:00 a.m., 14 views

Respondus for WebCT 1.1.2 Weak Password Encryption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3228/info Respondus is an application designed to add functionality to WebCT's quiz, self-test and survey tools. WebCT is a commercial e-learning solution. When a user opts to have Respondus remember the username/password...

AI score: 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:00 a.m., 14 views

Painkiller <= 1.35 in-game cd-key alpha-numeric Buffer Overflow Exploit

No description provided by source. /* by Luigi Auriemma */ #include <stdio.h> #include <stdlib.h> #include <string.h> #include <time.h> /* Painkiller packet's password encoder/decoder 0.1 by Luigi Auriemma e-mail: [email protected] web: http://aluigi.altervista.org INTRODUCTION ============ When you want to...

AI score: 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:00 a.m., 22 views

UltraEdit 8.2 FTP Client Weak Password Encryption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3234/info UltraEdit is a multi-featured commercial text editor with support for HTML, C/C++, VB, Java, Perl, XML, and C. It also includes a hex editor and a small FTP client. UltraEdit's FTP client has a feature which wil...

AI score: 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:00 a.m., 14 views

Folder Lock 5.9.5 Weak Password Encryption Local Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30766/info Folder Lock is prone to an information-disclosure vulnerability because it stores credentials in an insecure manner. A local attacker can exploit this issue to obtain passwords used by the application, which ma...

AI score: 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:00 a.m., 12 views

Apple Mac OS <= 8 8.6 Weak Password Encryption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/519/info The encryption algorithm in MacOS system is simple and the password can be easily decoded. Password is stored in Users & Groups Data File in Preferences folder. Offset is different on each system and depends on...

AI score: 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:00 a.m., 18 views

MySQL 3.x/4.0.x Weak Password Encryption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7500/info MySQL has been reported to implement a weak password encryption algorithm. It has been reported that the MySQL function used to encrypt MySQL passwords makes just one pass over the password and employs a weak le...

AI score: 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:00 a.m., 25 views

NetSupport School 7.0/7.5 Weak Password Encryption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9981/info NetSupport School is prone to a password-encryption vulnerability because the application fails to protect passwords with a sufficiently effective encryption scheme. Exploiting this issue may allow an attacker t...

AI score: 7.1
Exploits: 0