Lucene search
K

58 matches found

OSV
OSV
added 2016/10/13 10:59 a.m.4 views

CVE-2016-7959

Siemens SIMATIC STEP 7 TIA Portal before 14 improperly stores pre-shared key data in TIA project files, which makes it easier for local users to obtain sensitive information by leveraging access to a file and conducting a brute-force attack...

4.7CVSS5.8AI score0.00297EPSS
Exploits0References3
NVD
NVD
added 2015/06/10 6:59 p.m.14 views

CVE-2015-4171

strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtai...

2.6CVSS7.6AI score0.02028EPSS
Exploits0References12
Prion
Prion
added 2015/06/10 6:59 p.m.18 views

Authentication flaw

strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtai...

2.6CVSS7.1AI score0.02028EPSS
Exploits0References12Affected Software4
Cvelist
Cvelist
added 2015/06/10 6:0 p.m.32 views

CVE-2015-4171

strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtai...

7.6AI score0.02028EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2015/06/08 12:0 p.m.25 views

CVE-2015-4171

strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtai...

2.6CVSS7.2AI score0.02028EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2013/03/09 12:0 a.m.22 views

Ubuntu 8.10 / 9.04 : network-manager-applet vulnerabilities (USN-883-1)

It was discovered that NetworkManager did not ensure that the Certification Authority CA certificate file remained present when using WPA Enterprise or 802.1x networks. A remote attacker could use this flaw to spoof the identity of a wireless network and view sensitive information. CVE-2009-4144 ...

6.8CVSS5.5AI score0.01897EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2010/01/19 12:0 a.m.27 views

Ubuntu: Security Advisory (USN-883-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.5AI score0.01897EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2010/01/13 3:2 p.m.53 views

USN-883-1: network-manager-applet vulnerabilities

It was discovered that NetworkManager did not ensure that the Certification Authority CA certificate file remained present when using WPA Enterprise or 802.1x networks. A remote attacker could use this flaw to spoof the identity of a wireless network and view sensitive information. CVE-2009-4144 ...

6.8CVSS5.3AI score0.01897EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2009/03/25 1:58 p.m.9 views

NetworkManager: GetSecrets disclosure

nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an incorrect deny setting, which allows local users to discover 1 network connection passwords and 2 pre-shared keys via calls to the GetSecrets method in the dbus request handler...

4.6CVSS7.3AI score0.00785EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2009/03/25 1:58 p.m.5 views

NetworkManager: GetSecrets disclosure

nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an incorrect deny setting, which allows local users to discover 1 network connection passwords and 2 pre-shared keys via calls to the GetSecrets method in the dbus request handler...

4.6CVSS7.3AI score0.00785EPSS
Exploits2References4
Prion
Prion
added 2009/03/05 2:30 a.m.20 views

Design/Logic Flaw

nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an incorrect deny setting, which allows local users to discover 1 network connection passwords and 2 pre-shared keys via calls to the GetSecrets method in the dbus request handler...

4.6CVSS6.5AI score0.00785EPSS
Exploits2References20Affected Software1
CVE
CVE
added 2009/03/05 2:0 a.m.95 views

CVE-2009-0365

The CVE-2009-0365 entry concerns nm-applet.conf in GNOME NetworkManager prior to 0.7.0.99, where an incorrect deny setting allows local users to disclose sensitive data via the GetSecrets DBus handler (network connection passwords and pre-shared keys). The connected sources confirm this is an inf...

4.6CVSS7.2AI score0.00785EPSS
Exploits2References20Affected Software1
Debian CVE
Debian CVE
added 2009/03/05 2:0 a.m.19 views

CVE-2009-0365

nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an incorrect deny setting, which allows local users to discover 1 network connection passwords and 2 pre-shared keys via calls to the GetSecrets method in the dbus request handler...

4.6CVSS6.1AI score0.00785EPSS
Exploits2
FreeBSD
FreeBSD
added 2004/04/05 12:0 a.m.33 views

racoon fails to verify signature during Phase 1

Ralf Spenneberg discovered a serious flaw in racoon. When using Phase 1 main or aggressive mode, racoon does not verify the client's RSA signature. Any installations using X.509 authentication are strongly urged to upgrade. Installations using pre-shared keys are believed to be unaffected...

7.5CVSS6.5AI score0.03625EPSS
Exploits0References1
NVD
NVD
added 2001/06/18 4:0 a.m.15 views

CVE-2001-0376

SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC with IKE pre-shared keys do not allow for the use of full 128 byte IKE pre-shared keys, which is the intended design of the IKE pre-shared key, and only support 48 byte keys. This allows a remote attacker to brute force attack t...

7.5CVSS6.8AI score0.01351EPSS
Exploits0References2
SonicWall
SonicWall
added 2001/06/18 4:0 a.m.7 views

Tele2 CVE-2001-0376 Remote Security Vulnerability

SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC with IKE pre-shared keys do not allow for the use of full 128 byte IKE pre-shared keys, which is the intended design of the IKE pre-shared key, and only support 48 byte keys. This allows a remote attacker to brute force attack t...

7.5CVSS7.1AI score0.01351EPSS
Exploits0
Cvelist
Cvelist
added 2001/05/24 4:0 a.m.19 views

CVE-2001-0376

SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC with IKE pre-shared keys do not allow for the use of full 128 byte IKE pre-shared keys, which is the intended design of the IKE pre-shared key, and only support 48 byte keys. This allows a remote attacker to brute force attack t...

6.8AI score0.01351EPSS
Exploits0References2
CVE
CVE
added 2001/05/24 4:0 a.m.60 views

CVE-2001-0376

CVE-2001-0376 affects SonicWALL Tele2 and SOHO firewalls running firmware 6.0.0.0 when using IPsec with IKE pre-shared keys. The root cause is that the implementation supports only 48-byte IKE PSKs instead of the full 128-byte length, reducing the effective key space. This enables a remote attack...

7.5CVSS7.2AI score0.01351EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder