Design/Logic Flaw

libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5 algorithm, which makes it easier for attackers to conduct brute-force attacks against hashed passwords...

CVE-2008-3188

libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5 algorithm, which makes it easier for attackers to conduct brute-force attacks against hashed passwords...

CVE-2008-3188

CVE-2008-3188 concerns libxcrypt in SUSE openSUSE 11.0. The root cause is that when the MD5 password-hash setting is configured, libxcrypt still uses DES, enabling easier brute-force attacks on hashed passwords. This vulnerability affects openSUSE 11.0 where MD5 is configured but DES is used inst...

CVE-2008-3188

libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5 algorithm, which makes it easier for attackers to conduct brute-force attacks against hashed passwords...

PT-2008-4605 · Suse · Opensuse

Name of the Vulnerable Software and Affected Versions: SUSE openSUSE version 11.0 Description: The issue makes it easier for attackers to conduct brute-force attacks against hashed passwords due to the use of the DES algorithm when the configuration specifies the MD5 algorithm. Recommendations: F...

IPSwitch IMail Server <= 8.1 Local Password Decryption Utility

No description provided by source. / IpSwitch IMail Server = ver 8.1 User Password Decryption by Adik netmaniac hotmail KG IpSwitch IMail Server uses weak encryption algorithm to encrypt its user passwords. It uses polyalphabetic Vegenere cipher to encrypt its user passwords. This encryption sche...

CVE-2008-1678

Memory leak in the zlibstatefulinit function in crypto/comp/czlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service memory consumption via multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server modssl that specify...

Play a game of webshell game-bug warning-the black bar safety net

To hack the x-Files cast a draft, two months, and haven't selected, and now it sends to the Just look at it, the article is bad, Don't laugh,the picture is zoom out, tap the picture you can see the big picture. Play a game of webshell game The desert（baiker2008 Now many of the side dishes, speaki...

[SECURITY] Fedora 7 Update: libpng-1.2.29-1.fc7

The libpng package contains a library of functions for creating and manipulating PNG Portable Network Graphics image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng...

AJ Classifieds 2008 (index.php) Remote SQL Injection Vulnerability

No description provided by source. --==+================================================================================+==-- --==+ AJ Classifieds 2008 index.php Remote SQL Injection Vulnerability +==-- --==+================================================================================+==--...

Thomson SpeedTouch和BT Home Hub路由器默认WEP/WPA密钥算法漏洞

BUGTRAQ ID: 28893 BT Home Hub和Speedtouch都是家用的无线Internet路由器。 BT Home Hub和Speedtouch路由器所使用的默认WEP/WPA密钥算法是可预测的，远程攻击者可以基于一些公开信息（如MAC地址或SSID）预测出密钥，这样就可以完全入侵路由器。 对于Speedtouch路由器路由器： S/N：CP0615JT109 53 删除CC和PP值：CP0615109 将XXX值转换为16进制：CP0615313039 通过SHA-1处理：742da831d2b657fa53d347301ec610e1ebf8a3d0...

[SECURITY] Fedora 7 Update: rsync-2.6.9-6.fc7

Rsync uses a reliable algorithm to bring remote and host files into sync very quickly. Rsync is fast because it just sends the differences in the files over the network instead of sending the complete files. Rsync is often used as a very powerful mirroring process or just as a more capable...

[SECURITY] Fedora 8 Update: rsync-2.6.9-5.fc8

Rsync uses a reliable algorithm to bring remote and host files into sync very quickly. Rsync is fast because it just sends the differences in the files over the network instead of sending the complete files. Rsync is often used as a very powerful mirroring process or just as a more capable...

Skillfully crack open someone ASP Trojan password method-vulnerability warning-the black bar safety net

Crack the objective: to crack a asp Trojan encrypted login crack asp Trojan password land password. Since the Trojan there is no version described, specific also don't know what this Trojan is called what name. Crack idea: the two, with the encrypted password replaces the ciphertext and use the...

QuickTalk Forum 1.6 - Blind SQL Injection

QuickTalk Forum / ----------------------------------------------------------------------------------------------- - QuickTalk Forum Blind SQL Injection Exploit qtfindsearchov.php - - Info --------------------------------------------------------------------------------------- - Author: t0pP8uZz &...

Design/Logic Flaw

A certain pseudo-random number generator PRNG algorithm that uses ADD with 0 random hops aka "Algorithm A0", as used in OpenBSD 3.5 through 4.2 and NetBSD 1.6.2 through 4.0, allows remote attackers to guess sensitive values such as 1 DNS transaction IDs or 2 IP fragmentation IDs by observing a...

Code injection

A certain pseudo-random number generator PRNG algorithm that uses XOR and 2-bit random hops aka "Algorithm X2", as used in OpenBSD 2.6 through 3.4, Mac OS X 10 through 10.5.1, FreeBSD 4.4 through 7.0, and DragonFlyBSD 1.0 through 1.10.1, allows remote attackers to guess sensitive values such as I...

Design/Logic Flaw

A certain pseudo-random number generator PRNG algorithm that uses XOR and 3-bit random hops aka "Algorithm X3", as used in OpenBSD 2.8 through 4.2, allows remote attackers to guess sensitive values such as DNS transaction IDs by observing a sequence of previously generated values. NOTE: this issu...

CVE-2008-1146

A certain pseudo-random number generator PRNG algorithm that uses XOR and 3-bit random hops aka "Algorithm X3", as used in OpenBSD 2.8 through 4.2, allows remote attackers to guess sensitive values such as DNS transaction IDs by observing a sequence of previously generated values. NOTE: this issu...

CVE-2008-1147

A certain pseudo-random number generator PRNG algorithm that uses XOR and 2-bit random hops aka "Algorithm X2", as used in OpenBSD 2.6 through 3.4, Mac OS X 10 through 10.5.1, FreeBSD 4.4 through 7.0, and DragonFlyBSD 1.0 through 1.10.1, allows remote attackers to guess sensitive values such as I...