5302 matches found
CVE-2011-0009
Best Practical Solutions RT 3.x before 3.8.9rc2 and 4.x before 4.0.0rc4 uses the MD5 algorithm for password hashes, which makes it easier for context-dependent attackers to determine cleartext passwords via a brute-force attack on the database...
CVE-2011-0009
CVE-2011-0009 affects Best Practical Solutions RT 3.x (before 3.8.9rc2) and RT 4.x (before 4.0.0rc4), where password hashes used MD5, enabling context-dependent attackers to brute-force the database and recover cleartext passwords. DebRAN/Debian advisories note an incomplete fix in CVE-2011-0009 ...
Fedora Update for pyfribidi FEDORA-2011-0010
Check for the Version of pyfribidi OpenVAS Vulnerability Test Fedora Update for pyfribidi FEDORA-2011-0010 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
Fedora Update for pyfribidi FEDORA-2011-0001
Check for the Version of pyfribidi OpenVAS Vulnerability Test Fedora Update for pyfribidi FEDORA-2011-0001 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
[SECURITY] Fedora 13 Update: pyfribidi-0.10.0-1.fc13
PyFriBidi is a simple Python binding for FriBidi, providing an implementation of The Unicode Bidirectional Algorithm in Python...
[SECURITY] Fedora 14 Update: pyfribidi-0.10.0-1.fc14
PyFriBidi is a simple Python binding for FriBidi, providing an implementation of The Unicode Bidirectional Algorithm in Python...
27C3: GSM cell phones even easier to tap !
At the 27th Chaos Communication Congress 27C3 hacker conference, security researchers demonstrated how open source software on a number of revamped, entry-level cell phones can decrypt and record mobile phone calls in the GSM network. Using a normal laptop and a homemade monitoring device, team...
bind: key algorithm rollover may mark secure answers as insecure
named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service DNSSEC validati...
[SECURITY] [DSA-2130-1] New BIND packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-2130-1 [email protected] http://www.debian.org/security/ Florian Weimer December 10, 2010 http://www.debian.org/security/faq -...
Ubuntu Update for bind9 vulnerabilities USN-1025-1
Ubuntu Update for Linux kernel vulnerabilities USN-1025-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10251.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for bind9 vulnerabilities USN-1025-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...
Apple QuickTime PICT File PackBits Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application'...
CVE-2010-3614
named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service DNSSEC validati...
Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : bind9 vulnerabilities (USN-1025-1)
It was discovered that Bind would incorrectly allow a ncache entry and a rrsig for the same type. A remote attacker could exploit this to cause Bind to crash, resulting in a denial of service. CVE-2010-3613 It was discovered that Bind would incorrectly mark zone data as insecure when the zone is...
USN-1025-1: Bind vulnerabilities
It was discovered that Bind would incorrectly allow a ncache entry and a rrsig for the same type. A remote attacker could exploit this to cause Bind to crash, resulting in a denial of service. CVE-2010-3613 It was discovered that Bind would incorrectly mark zone data as insecure when the zone is...
ISC BIND 9.4-ESV < 9.4-ESV-R4 / 9.6.2 < 9.6.2-P3, 9.6-ESV < 9.6-ESV-R3 / 9.7.x < 9.7.2-P3 Multiple Vulnerabilities
Binary data 5718.prm...
GetSimple CMS 2.01 / 2.02 Credential Disclosure
Researcher: Michael Brooks Affecting: GetSimple CMS 2.01 and 2.02 Fixed:2.03 Vulnerability: Administrative Credentials Disclosure Vendor's Homepage: http://code.google.com/p/get-simple-cms download url for 2.01: http://www.box.net/get-simple/1/30435008/399754548 download svn for 2.02beta: svn...
Design/Logic Flaw
/opt/rv/Versions/CurrentVersion/Mcu/Config/Mcu.val in Cisco Unified Videoconferencing UVC System 5110 and 5115, when the Linux operating system is used, uses a weak hashing algorithm for the 1 administrator and 2 operator passwords, which makes it easier for local users to obtain sensitive...
CVE-2010-4302
Cisco CVE-2010-4302 affects Cisco Unified Videoconferencing (UVC) System 5110/5115 on Linux, where /opt/rv/Versions/CurrentVersion/Mcu/Config/Mcu.val uses a weak hashing algorithm for administrator and operator passwords. This weak hashing enables local users to recover cleartext passwords of adm...
Sql injection
The JavaScript implementation in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, uses a weak algorithm for generating values of random numbers, which makes it easier for remote attackers to track a user by predicting a value, a...
CVE-2010-3804
The JavaScript implementation in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, uses a weak algorithm for generating values of random numbers, which makes it easier for remote attackers to track a user by predicting a value, a...