2421 matches found
CVE-2012-4409
Stack-based buffer overflow in the checkfilehead function in extra.c in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to execute arbitrary code via an encrypted file with a crafted header containing long salt data that is not properly handled during decryption...
Stack overflow
Stack-based buffer overflow in the checkfilehead function in extra.c in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to execute arbitrary code via an encrypted file with a crafted header containing long salt data that is not properly handled during decryption...
oracle-brute-stealth NSE Script
Exploits the CVE-2012-3137 vulnerability, a weakness in Oracle's O5LOGIN authentication scheme. The vulnerability exists in Oracle 11g R1/R2 and allows linking the session key to a password hash. When initiating an authentication attempt as a valid user the server will respond with a session key...
CVE-2012-3137
The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to obtain the session key and salt for arbitrary users, which leaks information about the cryptographic hash and makes it easier to conduct brute force...
Authentication flaw
The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to obtain the session key and salt for arbitrary users, which leaks information about the cryptographic hash and makes it easier to conduct brute force...
CVE-2012-3137
The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to obtain the session key and salt for arbitrary users, which leaks information about the cryptographic hash and makes it easier to conduct brute force...
Flaw in Oracle Logon Protocol Leads to Easy Password Cracking
There is a serious vulnerability in the authentication protocol used by some Oracle databases, a flaw that could enable a remote attacker to brute-force a token provided by the server prior to authentication and determine a user’s password. The attacker could then log on as an authenticated user...
mcrypt <= 2.6.8 stack-based buffer overflow poc
Exploit for windows platform in category dos / poc !/usr/bin/env python mcrypt = 2.6.8 stack-based buffer overflow poc http://mcrypt.sourceforge.net/ the command line tool, not the library date: 2012-09-04 exploit author: ishikawa tested on: ubuntu 12.04.1 tech: it overflows in checkfilehead when...
dns-nsec3-enum NSE Script
Tries to enumerate domain names from the DNS server that supports DNSSEC NSEC3 records. The script queries for nonexistant domains until it exhausts all domain ranges keeping track of hashes. At the end, all hashes are printed along with salt and number of iterations used. This technique is known...
CVE-2012-2317
The Debian phpcryptrevamped.patch patch for PHP 5.3.x, as used in the php5 package before 5.3.3-7+squeeze4 in Debian GNU/Linux squeeze, the php5 package before 5.3.2-1ubuntu4.17 in Ubuntu 10.04 LTS, and the php5 package before 5.3.5-1ubuntu7.10 in Ubuntu 11.04, does not properly handle an empty...
PJBlog 3.2.9.518 getwebshell exploit-vulnerability warning-the black bar safety net
Author: do not go to the bell Version: PJblog 3.2.9.518(2012/5/9, When is the latest version The exploit conditions: 1, Using full static mode by default is a fully static mode 2, The user can post the default regular users can not post, so a little tasteless) Vulnerability description: PJblog...
Anon Tweets About Hack, Gets Arrested
A 21 year-old Ohio man associated with the Anonymous Internet collective is in detention after boasting on Twitter about his involvement in the hack of the Utah Chiefs of Police Association and the Salt Lake City Police Department. John Anthony Borell III was charged with two counts of computer...
PcwRunAs 0.4 Password Obfuscation Design Flaw
Vuln Title: PcwRunAs Password Obfuscation Design Flaw Date: 26.03.2012 Author: Christian Landström, otr Software Link: http://www.pcwelt.de/downloads/pcwRunAs-1215998.html Version: = 0.4 Tested on: Windows CVE : CVE-2012-1793 Risk: high Type: Privilege Escalation Vendor: PC-Welt Timeline:...
ManageEngine Device Expert 5.6 Directory Traversal
ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet Unauthenticated Remote Directory Traversal Database Backup / auth-conf.xml Disclosure Exploit product homepage: http://www.manageengine.com/products/device-expert/ file tested: ManageEngineDeviceExpert.exe tested against:...
Total Defense Suite UNC Management Web Service Database Credentials Disclosure Vulnerability
This vulnerability allows attackers to remotely obtain domain credentials on vulnerable installations of CA Total Defense Suite UNC Management Web Service. Authentication is not required to exploit this vulnerability. The specific flaw exists within the AppCode.dll service listening by default on...
CVE-2011-3268
Buffer overflow in the crypt function in PHP before 5.3.7 allows context-dependent attackers to have an unspecified impact via a long salt argument, a different vulnerability than CVE-2011-2483...
PHP 5.3.7 Cryptographic Vulnerability
PHP is prone to a cryptographic vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; ifdescription...
PHP 5.3.8 Released, Fixes Crypto Bug
A day after warning users about a serious bug in the cryptographic function in PHP 5.3.7 and telling them not to upgrade to that release, the maintainers of the scripting language pushed out version 5.3.8, which fixes the crypto problem as well as another security related issue. PHP 5.3.7, which...
PHP "crypt()" MD5 Salt安全漏洞
PHP是流行的脚本语言环境。 PHP在"crypt"函数的实现上存在安全漏洞,远程攻击者可利用此漏洞绕过某些安全限制。 此漏洞源于"crypt"函数在生成有salt的MD5哈希时,仅返回salt PHP 5.3.x 厂商补丁: PHP --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.php.net...
PHP -- crypt() returns only the salt for MD5
PHP development team reports: If crypt is executed with MD5 salts, the return value consists of the salt only. DES and BLOWFISH salts work as expected...