EUVD-2012-5750

Malware in sbrugna...

CVE-2012-5873

ARC aka ARC2 through 2011-12-01 allows reflected XSS via the endpoint.php query parameter in an output=htmltab action...

CVE-2012-5872

ARC aka ARC2 through 2011-12-01 allows blind SQL Injection in getTriplePatternSQL in ARC2StoreSelectQueryHandler.php via comments in a SPARQL WHERE clause...

CVE-2012-5872

ARC aka ARC2 through 2011-12-01 allows blind SQL Injection in getTriplePatternSQL in ARC2StoreSelectQueryHandler.php via comments in a SPARQL WHERE clause...

CVE-2012-5873

ARC aka ARC2 through 2011-12-01 allows reflected XSS via the endpoint.php query parameter in an output=htmltab action...

Sql injection

ARC aka ARC2 through 2011-12-01 allows blind SQL Injection in getTriplePatternSQL in ARC2StoreSelectQueryHandler.php via comments in a SPARQL WHERE clause...

CVE-2012-5872

ARC aka ARC2 through 2011-12-01 allows blind SQL Injection in getTriplePatternSQL in ARC2StoreSelectQueryHandler.php via comments in a SPARQL WHERE clause...

CVE-2012-5873

ARC aka ARC2 through 2011-12-01 allows reflected XSS via the endpoint.php query parameter in an output=htmltab action...

CVE-2012-5873

ARC (aka ARC2) up to 2011-12-01 is affected by a reflected XSS through the end_point.php query parameter when action output=htmltab is used. The vulnerability is documented across multiple sources (NVD, Red Hat, CVE lists, and enrichment feeds) with a common description: input reflected in HTML o...

CVE-2012-5872

ARC (ARC2) up to version 2011-12-01 is affected by a blind SQL Injection in getTriplePatternSQL within ARC2_StoreSelectQueryHandler.php, exploitable via comments in a SPARQL WHERE clause. Affected software is ARC/ARC2, with the vulnerable code path in the StoreSelectQueryHandler. The underlying i...

CVE-2012-5872

ARC aka ARC2 through 2011-12-01 allows blind SQL Injection in getTriplePatternSQL in ARC2StoreSelectQueryHandler.php via comments in a SPARQL WHERE clause...

CVE-2012-5873

ARC aka ARC2 through 2011-12-01 allows reflected XSS via the endpoint.php query parameter in an output=htmltab action...

SUSE CVE-2009-0544

Buffer overflow in the PyCrypto ARC2 module 2.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length...

Crypto Identifier - Tool To Uncipher Data Using Multiple Algorithms And Block Chaining Modes

Crypto tool for pentest and ctf : try to uncipher data using multiple algorithms and block chaining modes. Usefull for a quick check on unknown cipher text and key dictionary. Supported Algorithms : AES ARC2 ARC4 Blowfish CAST DES DES3 XOR Supported modes : ECB CBC CFB OFB Usage: python...

PyCrypto ARC2 Module Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/33674/info PyCrypto Python Cryptography Toolkit is prone to a buffer-overflow vulnerability because it fails to adequately verify user-supplied input. Successful exploits may allow attackers to execute arbitrary code in t...

openSUSE Security Update : python-crypto (python-crypto-589)

Missing checks for the key length in the ARC2 module potentially allowed attackers to crash applications using python-crypto or potentially even cause execute arbitrary code CVE-2009-0544. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

openSUSE 10 Security Update : python-crypto (python-crypto-6063)

Missing checks for the key length in the ARC2 module potentially allowed attackers to crash applications using python-crypto or potentially even cause execute arbitrary code CVE-2009-0544. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

Mandriva Linux Security Advisory : pycrypto (MDVSA-2009:049-1)

A vulnerability have been discovered and corrected in PyCrypto ARC2 module 2.0.1, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length CVE-2009-0544. The updated packages have been patched to prevent this. Update : The previous...

Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : python-crypto vulnerability (USN-729-1)

Mike Wiacek discovered that the ARC2 implementation in Python Crypto did not correctly check the key length. If a user or automated system were tricked into processing a malicious ARC2 stream, a remote attacker could execute arbitrary code or crash the application using Python Crypto, leading to ...

Gentoo Security Advisory GLSA 200903-11 (pycrypto)

The remote host is missing updates announced in advisory GLSA 200903-11. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...