CVE-2024-58311

Dormakaba Saflok System 6000 contains a predictable key generation algorithm that allows attackers to derive card access keys from a 32-bit unique identifier. Attackers can exploit the deterministic key generation process by calculating valid access keys using a simple mathematical transformation...

CVE-2024-58311

Dormakaba Saflok System 6000 contains a predictable key generation algorithm that allows attackers to derive card access keys from a 32-bit unique identifier. Attackers can exploit the deterministic key generation process by calculating valid access keys using a simple mathematical transformation...

CVE-2024-58311 Dormakaba Saflok System 6000 Key Generation Cryptographic Weakness

Dormakaba Saflok System 6000 contains a predictable key generation algorithm that allows attackers to derive card access keys from a 32-bit unique identifier. Attackers can exploit the deterministic key generation process by calculating valid access keys using a simple mathematical transformation...

CVE-2024-58311 Dormakaba Saflok System 6000 Key Generation Cryptographic Weakness

Dormakaba Saflok System 6000 contains a predictable key generation algorithm that allows attackers to derive card access keys from a 32-bit unique identifier. Attackers can exploit the deterministic key generation process by calculating valid access keys using a simple mathematical transformation...

Dormakaba Saflok System 安全漏洞

Dormakaba Saflok System is a hotel access control and security management system from Dormakaba USA. A security vulnerability exists in Dormakaba Saflok System 6000 that stems from a predictable key generation algorithm that could lead to the derivation of card access keys...

EUVD-2014-7854

Malware in sbrugna...

Security Bulletin: A vulnerability in IBM WebSphere Application Server Liberty affects IBM Storage Scale packaged in IBM Storage Scale System

Summary There is a vulnerability in IBM WebSphere Application Server Liberty, used by IBM Storage Scale System, which could allow a remote attacker to cause a denial of service. CVE-2023-46158, CVE-2023-44487 Vulnerability Details CVEID:CVE-2023-46158 DESCRIPTION: IBM WebSphere Application Server...

Saflok System 6000 Key Derivation Exploit

// Exploit Title: Saflok KDF // Vendor Homepage: https://www.dormakaba.com/ // Version: System 6000 // Tested on: Dormakaba Saflok cards // CVE: N/A include include define MAGICTABLESIZE 192 define KEYLENGTH 6 define UIDLENGTH 4 int mainint argc, char argv if argc != 2 printf"Usage: %s \n", argv0...

Saflok System 6000 Key Derivation

// Exploit Title: Saflok KDF // Date: 2023-10-29 // Exploit Author: a51199deefa2c2520cea24f746d899ce // Vendor Homepage: https://www.dormakaba.com/ // Version: System 6000 // Tested on: Dormakaba Saflok cards // CVE: N/A include include define MAGICTABLESIZE 192 define KEYLENGTH 6 define UIDLENGT...

Saflok - Key Derication Function Exploit

// Exploit Title: Saflok KDF // Date: 2023-10-29 // Exploit Author: a51199deefa2c2520cea24f746d899ce // Vendor Homepage: https://www.dormakaba.com/ // Version: System 6000 // Tested on: Dormakaba Saflok cards // CVE: N/A include include define MAGICTABLESIZE 192 define KEYLENGTH 6 define UIDLENGT...

CVE-2016-1366

The SCP and SFTP modules in Cisco IOS XR 5.0.0 through 5.2.5 on Network Convergence System 6000 devices use weak permissions for system files, which allows remote authenticated users to cause a denial of service overwrite via unspecified vectors, aka Bug ID CSCuw75848...

CVE-2016-1366

The SCP and SFTP modules in Cisco IOS XR 5.0.0 through 5.2.5 on Network Convergence System 6000 devices use weak permissions for system files, which allows remote authenticated users to cause a denial of service overwrite via unspecified vectors, aka Bug ID CSCuw75848...

CVE-2016-1366

CVE-2016-1366 affects Cisco IOS XR on Network Convergence System 6000 (versions 5.0.0–5.2.5). The SCP and SFTP modules expose a vulnerability due to insecure permissions on paths containing system files, allowing an authenticated, remote attacker to overwrite system files and cause a denial of se...

CVE-2015-0776

telnetd in Cisco IOS XR 5.0.1 on Network Convergence System 6000 devices allows remote attackers to cause a denial of service device reload via a malformed TELNET packet, aka Bug ID CSCuq31566...

Design/Logic Flaw

telnetd in Cisco IOS XR 5.0.1 on Network Convergence System 6000 devices allows remote attackers to cause a denial of service device reload via a malformed TELNET packet, aka Bug ID CSCuq31566...

CVE-2015-0776

telnetd in Cisco IOS XR 5.0.1 on Network Convergence System 6000 devices allows remote attackers to cause a denial of service device reload via a malformed TELNET packet, aka Bug ID CSCuq31566...

CVE-2015-0776

CVE-2015-0776 is a Cisco IOS XR telnetd denial of service affecting Network Convergence System 6000 devices running IOS XR 5.0.1. The root cause is improper processing of malformed TELNET packets by the telnetd process, which can allow an unauthenticated remote attacker to trigger a device reload...

Cisco IOS XR Software IPv6 Malformed Packet Denial of Service Vulnerability

A vulnerability in the parsing of malformed IP version 6 IPv6 packets in Cisco IOS XR Software for Cisco Network Convergence System 6000 NCS 6000 and Cisco Carrier Routing System CRS-X could allow an unauthenticated, remote attacker to cause a reload of a line card that is processing traffic. The...

Race condition

Race condition in the lighttpd module in Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service process reload by establishing many TCP sessions, aka Bug ID CSCuq45239...

CVE-2014-8005

Race condition in the lighttpd module in Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service process reload by establishing many TCP sessions, aka Bug ID CSCuq45239...