CVE-2008-1148

A certain pseudo-random number generator PRNG algorithm that uses ADD with 0 random hops aka "Algorithm A0", as used in OpenBSD 3.5 through 4.2 and NetBSD 1.6.2 through 4.0, allows remote attackers to guess sensitive values such as 1 DNS transaction IDs or 2 IP fragmentation IDs by observing a...

CVE-2008-1146

CVE-2008-1146 affects OpenBSD 2.8–4.2 where a PRNG using XOR with 3-bit hops (Algorithm X3) enables remote attackers to infer DNS transaction IDs from prior outputs, potentially enabling DNS cache poisoning on OpenBSD’s BIND modification. Impact per NVD indicates partial confidentiality, partial ...

CVE-2008-1147

A certain pseudo-random number generator PRNG algorithm that uses XOR and 2-bit random hops aka "Algorithm X2", as used in OpenBSD 2.6 through 3.4, Mac OS X 10 through 10.5.1, FreeBSD 4.4 through 7.0, and DragonFlyBSD 1.0 through 1.10.1, allows remote attackers to guess sensitive values such as I...

CVE-2008-1148

CVE-2008-1148 concerns a flaw in a PRNG using ADD with 0 random hops (Algorithm A0) that affects OpenBSD 3.5–4.2 and NetBSD 1.6.2–4.0. Attackers can observe a sequence of previously generated values to guess sensitive identifiers such as DNS transaction IDs and IP fragmentation IDs, enabling pote...

[DSECRG-08-008] Textpattern 4.0.5 Multiple Security Vulnerabilities

Digital Security Research Group DSecRG Advisory DSECRG-08-008 Application: Txp CMS Versions Affected: 4.0.5 Vendor URL: http://www.textpattern.com Bugs: DOS, multiple XSS, etc. Exploits: YES Reported: 11.01.2008 Vendor response: 14.01.2008 Patch Released: 03.02.2008 Date of Public Advisory:...

Debian Security Advisory DSA 1000-2 (libapreq2-perl)

The remote host is missing an update to libapreq2-perl announced via advisory DSA 1000-2. Gunnar Wolf noticed that the correction for the following problem was not complete and requires an update. For completeness we're providing the original problem description: An algorithm weakness has been...

Debian Security Advisory DSA 1000-1 (libapreq2-perl)

The remote host is missing an update to libapreq2-perl announced via advisory DSA 1000-1. An algorithm weakness has been discovered in Apache2::Request, the generic request library for Apache2 which can be exploited remotely and cause a denial of service via CPU consumption. The old stable...

CVE-2007-6337

CVE-2007-6337 refers to a vulnerability in the bzip2 decompression code used by clamav (nsis/bzlib_private.h) prior to version 0.92. The connected documents corroborate that this family of issues includes CVE-2007-6335, CVE-2007-6336, and CVE-2007-6337 and indicate vendor advisories and updates t...

CVE-2007-6337

Unspecified vulnerability in the bzip2 decompression algorithm in nsis/bzlibprivate.h in ClamAV before 0.92 has unknown impact and remote attack vectors...

2zproject-multi.txt

Digital Security Research Group DSecRG Advisory Name: 2z project Systems Affected: 2z project 0.9.6.1 Vendor URL: http://2z-project.ru Authors: Alexandr Polyakov, Stas Svistunovich Digital Security Reasearch Group DSecRG research at dsec dot ru Reported: 27.12.2007 Vendor response: 27.12.2007 Dat...

CuteNews <= 1.4.5 Admin Password md5 Hash Fetching Exploit

No description provided by source. ?php errorreportingEALL; /////////////////////////////////////////////////////////////////////// /////////////////////////////////////////////////////////////////////// // Cutenews = 1.4.5 admin password md5 hash fetching exploit // Version 1.0 // written by Jan...

CuteNews 1.4.5 - Admin Password md5 Hash Fetching

?php errorreportingEALL; /////////////////////////////////////////////////////////////////////// /////////////////////////////////////////////////////////////////////// // Cutenews = 1.4.5 admin password md5 hash fetching exploit // Version 1.0 // written by Janek Vind "waraxe" //...

SOL8072 - Obtaining uptime information from TCP timestamps

Timestamps are a TCP option used by a TCP/IP networking stack to implement two algorithms: the Round-Trip Time Measurement RTTM algorithm and the Protection Against Wrapped Sequence Numbers PAWS algorithm. Both algorithms are defined in RFC 1323, and are widely implemented by most modern operatin...

Code injection

The 1 NSIDSHUFFLEONLY and 2 NSIDUSEPOOL PRNG algorithms in ISC BIND 8 before 8.4.7-P1 generate predictable DNS query identifiers when sending outgoing queries such as NOTIFY messages when answering questions as a resolver, which allows remote attackers to poison DNS caches via unknown vectors...

BIND version 8 generates cryptographically weak DNS query identifiers

Overview ISC BIND version 8 generates cryptographically weak DNS query IDs which could allow a remote attacker to poison DNS caches. Description The Berkeley Internet Name Domain BIND is a popular Domain Name System DNS implementation from Internet Systems Consortium ISC. Version 8 of the BIND...

Default Root Password in Infrant (now Netgear) ReadyNAS "RAIDiator"

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Security Advisory Default Root Password in Infrant now Netgear ReadyNAS "RAIDiator" Release Date: August 13, 2007 Authors: Brian Chapados [email protected] Felix Domke [email protected] Timeline: Jul 25, 2007 - discovery Jul 29, 2007 - vendor...

SQL SERVER Database Password vulnerability-vulnerability warning-the black bar safety net

Track a bit the SQL SERVER Database Server login process, and found that the password calculation is very vulnerable, a SQL SERVER Database Password vulnerability embodied in two aspects: 1, A network login when the password encryption algorithm 2, The database storage of the password encryption...

OpenSSL本地密钥信息泄露漏洞

BUGTRAQ ID: 25163 CVECAN ID: CVE-2007-3108 OpenSSL是一种开放源码的SSL实现，用来实现网络通信的高强度加密，现在被广泛地用于各种网络应用程序中。 某些RSA的实现上存在可重建密钥的漏洞，OpenSSL基于SSLeay，提供RSA算法的加密支持，本地攻击者可能利用此漏洞通过RSA算法解密加密信息的内容。 多种使用了OpenSSL的产品可能受此漏洞影响。 OpenSSL Project OpenSSL 0.9.8e OpenSSL Project OpenSSL 0.9.8d OpenSSL Project OpenSSL 0.9.8c...

[SECURITY] Fedora 7 Update: spamassassin-3.2.1-1.fc7

SpamAssassin provides you with a way to reduce if not completely eliminate Unsolicited Commercial Email SPAM from your incoming email. It can be invoked by a MDA such as sendmail or postfix, or can be called from a procmail script, .forward file, etc. It uses a genetic-algorithm evolved scoring...

Multiple vendors ZOO file decompression infinite loop DoS

Topic: Multiple vendors ZOO file decompression infinite loop DoS Announced: 2007-05-04 Credits: Jean-Sebastien Guay-Leroux Products: Multiple see section III Impact: DoS 99 CPU utilisation CVE ID: CVE-2007-1669, CVE-2007-1670, CVE-2007-1671, CVE-2007-1672, CVE-2007-1673 I. BACKGROUND Zoo is a...