30 matches found
EUVD-2005-0107
Malware in sbrugna...
EUVD-1999-0428
Malware in sbrugna...
Crypt-SSLeay
This is a Perl module called Crypt::SSLeay, which provides OpenSSL support for LWP Library for WWW in Perl. The module is used to handle SSL/TLS connections and is part of the LWP distribution. The module has a version of 0.7304 and is maintained by A. Sinan Unur, David Landgren, Joshua Chamas, a...
[SECURITY] Fedora 41 Update: perl-Crypt-CBC-3.07-1.fc41
This is Crypt::CBC, a Perl-only implementation of the cryptographic cipher block chaining mode CBC. In combination with a block cipher such as Crypt::DES or Crypt::IDEA, you can encrypt and decrypt messages of arbitrarily long length. The encrypted messages are compatible with the encryption form...
[SECURITY] Fedora 42 Update: perl-Crypt-CBC-3.07-1.fc42
This is Crypt::CBC, a Perl-only implementation of the cryptographic cipher block chaining mode CBC. In combination with a block cipher such as Crypt::DES or Crypt::IDEA, you can encrypt and decrypt messages of arbitrarily long length. The encrypted messages are compatible with the encryption form...
perl-IO-Socket-SSL and perl-Net-SSLeay bug fix and enhancement update
An update is available for perl-IO-Socket-SSL, perl-Net-SSLeay. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this...
K27110515: Open SSL vulnerability CVE-2001-1141
Security Advisory Description The Pseudo-Random Number Generator PRNG in SSLeay and OpenSSL before 0.9.6b allows attackers to use the output of small PRNG requests to determine the internal state information, which could be used by attackers to predict future pseudo-random numbers. CVE-2001-1141...
SUSE CVE-2005-0106
SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file for entropy if a source is not set in the EGDPATH variable, which allows local users to reduce the cryptographic strength of certain operations by modifying the file...
Ubuntu: Security Advisory (USN-113-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
new packages: perl-Net-SSLeay
An update is available for perl-Net-SSLeay. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and bypass access controls.
...
openssl: Crash in ssleay_rand_bytes due to locking regression
A regression was found in the ssleayrandbytes function in the versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7. This regression could cause a multi-threaded application to crash...
OpenSSL 'ssleay_rand_bytes()' function denial of service vulnerability
OpenSSL is an open source implementation of SSL for strong encryption of network communications, and is now widely used in a variety of network applications. A security vulnerability in OpenSSL in Red Hat allows a remote attacker to send special data to a target multithreaded reference that uses...
openssl: Crash in ssleay_rand_bytes due to locking regression
A regression was found in the ssleayrandbytes function in the versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7. This regression could cause a multi-threaded application to crash...
RSA Security RSAREF 2.0 - Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/843/info A buffer overflow vulnerability exists in the RSAREF cryptographic library which may possibly make any software using the library vulnerable. The vulnerability exists in four functions in the rsa.c source file. T...
MDVA-2009:051 : perl-Crypt-SSLeay
This update provides updated perl-Crypt-SSLeay, required for mdkonline to work with restricted resources. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Network Security, Inc. This script...
Symantec Scan Engine 5.0.x - Change Admin Password
Symantec Scan Engine 5.0.x - Change Admin Password !/usr/bin/perl -w Remotely change the administrator password or password hash of Symantec Scan Engine. Author: Marc Bevand of Rapid7 Copyright 2006 Rapid7, LLC. All rights reserved. Redistribution and use in source and binary forms, with or witho...
Weak Net::SSLeay perl module encryption
/tmp/entropy file is used for entropy gathering if no entropy source is specified with EGDPATH envoronment variable. Attacker can fille file with known data...
Ubuntu 5.04 : libnet-ssleay-perl vulnerability (USN-113-1)
Javier Fernandez-Sanguino Pena discovered that this library used the file /tmp/entropy as a fallback entropy source if a proper source was not set in the environment variable EGDPATH. This can potentially lead to weakened cryptographic operations if an attacker provides a /tmp/entropy file with...
CVE-2005-0106
SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file for entropy if a source is not set in the EGDPATH variable, which allows local users to reduce the cryptographic strength of certain operations by modifying the file...