FreeBSD Security Advisory FreeBSD-SA-05:19.ipsec

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:19.ipsec Security Advisory The FreeBSD Project Topic: Incorrect key usage in AES-XCBC-MAC Category: core Module: netinet6 Announced: 2005-07-27 Credits: Yukiyo...

FreeBSD Security Advisory FreeBSD-SA-05:15.tcp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:15.tcp Security Advisory The FreeBSD Project Topic: TCP connection stall denial of service Category: core Module: inet Announced: 2005-06-29 Credits: Noritoshi...

FreeBSD-SA-05:15.tcp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:15.tcp Security Advisory The FreeBSD Project Topic: TCP connection stall denial of service Category: core Module: inet Announced: 2005-06-29 Credits: Noritoshi...

CVE-2002-1910

CVE-2002-1910 affects Click2Learn Ingenium Learning Management System, versions 5.1–6.1. The root cause is the use of weak, reversible password encryption, enabling attackers to obtain passwords. Public sources confirm the affected products/versions and the vulnerability description across NVD/Re...

CVE-2002-1739

Alt-N Technologies Mdaemon versions 5.0–5.0.6 store user passwords with a weak encryption algorithm, enabling local users to crack them. Local access is required; confidentiality impact is indicated. Remediation: upgrade to a version that uses stronger password encryption. The connected PT-securi...

CVE-2002-1697

Electronic Code Book ECB mode in VTun 2.0 through 2.5 uses a weak encryption algorithm that produces the same ciphertext from the same plaintext blocks, which could allow remote attackers to gain sensitive information...

Linux Kernel Cryptoloop encrypted filesystem weak encryption

Weak IV Initial Vector generation algorithm allows data watermarking, making it possible to detect data in filesystem...

TCP TIMESTAMPS Denial of Service Exploit

Exploit for multiple platform in category dos / poc ======================================== TCP TIMESTAMPS Denial of Service Exploit ======================================== / TCP does not adequately validate segments before updating timestamp value http://www.kb.cert.org/vuls/id/637934 RFC-1323...

TCP TIMESTAMPS - Denial of Service

TCP TIMESTAMPS - Denial of Service / TCP does not adequately validate segments before updating timestamp value http://www.kb.cert.org/vuls/id/637934 RFC-1323 TCP Extensions for High Performance 4.2.1 defines how the PAWS algorithm should drop packets with invalid timestamp options: R1 If there is...

TCP TIMESTAMPS - Denial of Service

/ TCP does not adequately validate segments before updating timestamp value http://www.kb.cert.org/vuls/id/637934 RFC-1323 TCP Extensions for High Performance 4.2.1 defines how the PAWS algorithm should drop packets with invalid timestamp options: R1 If there is a Timestamps option in the arrivin...

CVE-2005-1600

Technical details (affected product/version/root cause/mitigation) are not publicly available in the provided connected documents. Monitor for updates.

CVE-2005-1600

A "mathematical flaw" in the implementation of the El Gamal signature algorithm for LibTomCrypt 1.0 to 1.0.2 allows attackers to generate valid signatures without having the private key...

CVE-2004-1861

CVE-2004-1861 relates to Invision NetSupport School Pro, which uses a weak encryption algorithm to encrypt passwords, enabling local users to obtain passwords. The available documents state the affected product and the underlying issue (weak encryption) but do not specify the exact vulnerable com...

Soldier of Fortune 2 1.03 - cl_guid Server Crash

Soldier of Fortune 2 1.03 - clguid Server Crash / by Luigi Auriemma / include include include include / Quake 3 engine Huffman algorithm 0.2 ALL the code comes from the Q3fusion project of Andrey Nazarov: http://sourceforge.net/projects/q3fusion/ I have simply modified some variables and the...

Soldier of Fortune 2 1.03 - 'cl_guid' Server Crash

/ by Luigi Auriemma / include include include include / Quake 3 engine Huffman algorithm 0.2 ALL the code comes from the Q3fusion project of Andrey Nazarov: http://sourceforge.net/projects/q3fusion/ I have simply modified some variables and the prototype of the decompressing and compressing...

PT-2005-1108

Name of the Vulnerable Software and Affected Versions SHA-1 affected versions not specified Description The issue is related to the SHA-1 algorithm not being collision resistant, making it easier for attackers to conduct spoofing attacks. This has been demonstrated by attacks on the use of SHA-1 ...

Painkiller <= 1.35 in-game cd-key alpha-numeric Buffer Overflow Exploit

No description provided by source. / by Luigi Auriemma / include stdio.h include stdlib.h include string.h include time.h / Painkiller packet's password encoder/decoder 0.1 by Luigi Auriemma e-mail: [email protected] web: http://aluigi.altervista.org INTRODUCTION ============ When you want to...

Painkiller <= 1.35 in-game cd-key alpha-numeric Buffer Overflow Exploit

Exploit for unknown platform in category dos / poc ======================================================================= Painkiller include include include / Painkiller packet's password encoder/decoder 0.1 by Luigi Auriemma e-mail: email protected web: http://aluigi.altervista.org INTRODUCTION...

Portcullis Security Advisory 05-002 Spectrum Cash Receipting System Weak Password Encryption

Portcullis Security Advisory Vulnerable System: Spectrum Cash Receipting System Vulnerability Title: Spectrum Cash Receipting System Weak Password Protection Vulnerability. Vulnerability discovery and development: Portcullis Security Testing Services. Affected systems: All known versions of...

MD5 - Message Digest Algorithm Hash Collision

MD5 - Message Digest Algorithm Hash Collision source: https://www.securityfocus.com/bid/11849/info The MD5 algorithm is reported prone to a hash collision weakness. This weakness reportedly allows attackers to create multiple, differing input sources that, when the MD5 algorithm is used, result i...