251 matches found
DEBIAN-CVE-2015-7848
An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp. When processed by the NTP daemon, it leads to ...
CVE-2015-7848
An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp. When processed by the NTP daemon, it leads to ...
Integer overflow
An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp. When processed by the NTP daemon, it leads to ...
HP Integrated Lights-Out Information Disclosure Vulnerability (CNVD-2016-07089)
HP Integrated Lights-Out is used for remote management of servers. An information disclosure vulnerability exists in HP Integrated Lights-Out. A remote attacker could exploit this vulnerability to cause information disclosure via TLS CBC Padding and MAC errors...
OpenSSH MAC Verification Security Bypass Vulnerability
OpenSSH is a set of connection tools maintained by the OpenBSD Project Group for secure access to remote computers. A security bypass vulnerability exists in OpenSSH MAC Verification, which allows attackers to bypass security restrictions and perform unauthorized operations...
Debian DLA-559-1 : ntp security update
Several vulnerabilities were discovered in the Network Time Protocol daemon and utility programs: CVE-2015-7974 Matt Street discovered that insufficient key validation allows impersonation attacks between authenticated peers. CVE-2015-7977 / CVE-2015-7978 Stephen Gray discovered that a NULL...
UBUNTU-CVE-2016-4955
ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time...
DEBIAN-CVE-2016-2085
The evm_verify_hmac function in security/integrity/evm/evm_main.c in the Linux kernel before 4.5 does not properly copy data, which makes it easier for local users to forge MAC values via a timing side-channel attack...
UBUNTU-CVE-2016-2085
The evm_verify_hmac function in security/integrity/evm/evm_main.c in the Linux kernel before 4.5 does not properly copy data, which makes it easier for local users to forge MAC values via a timing side-channel attack...
ntp, ntpdate, sntp security update
CentOS Errata and Security Advisory CESA-2015:2231 Updated ntp packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common...
CVE-2010-2057
shared/util/StateUtils.java in Apache MyFaces 1.1.x before 1.1.8, 1.2.x before 1.2.9, and 2.0.x before 2.0.1 uses an encrypted View State without a Message Authentication Code (MAC), which makes it easier for remote attackers to perform successful modifications of the View State via a padding oracl...
Fortinet FortiOS Input Validation Vulnerability
Fortinet FortiOS is a security operating system developed by the U.S. company Fortinet for the FortiGate network security platform. The system provides users with firewall, antivirus, IPSec/SSL VPN, Web content filtering, anti-spam and other security features. A security...
ntp: ntpd accepts unauthenticated packets with symmetric key crypto
It was found that ntpd did not check whether a Message Authentication Code (MAC) was present in a received packet when ntpd was configured to use symmetric cryptographic keys. A man-in-the-middle attacker could use this flaw to send crafted packets that would be accepted by a client or a peer witho...
Cisco ASA Message Authentication Code Vulnerability (Cisco-SA-20150714-CVE-2015-4458)
Cisco ASA is prone to a Message Authentication Code checking vulnerability. Copyright (C) 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is...
PT-2015-1639 · Cisco +1 · Cisco Asa +1
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance (ASA) Software version 9.15.21 Description: The issue is related to the TLS implementation in the Cavium cryptographic-module firmware, which does not verify the MAC field. This allows man-in-the-middle attacke...
ntpd restrictions bypass
The message authentication code implementation is invalid and can be bypassed...
UBUNTU-CVE-2015-1798
The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC...
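An XFF injection in the latest BiWEB portal edition
Brief description: An XFF injection in the latest BiWEB portal edition. Details: On WooYun I saw that someone had obtained a shell on biweb (WooYun: BIWEB portal edition Getwebshell vulnerability), and others have reported other vulnerabilities, so I will look for its vulnerabilities too. I went to the official site and downloaded the latest BiWEB portal edition, 5.8.3, to take a look. Let's see how user login is handled. BiWEB first filters GET and POST, in /config/filtrate.inc.php. I won't go into how brain-dead this filtering is here. Continuing on, the file that decides whether a user can log in normally is /user/login.php. (irrelevant code) if!empty$POST if...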
Microsoft ASP.NET Insecure Site Configuration Vulnerability (2905247)
This host is missing an important security update according to Microsoft advisory 2905247. OpenVAS Vulnerability Test $Id: gbmicrosoftsecurityadvisory2905247.nasl 6086 2017-05-09 09:03:30Z teissa $ Microsoft ASP.NET Insecure Site Configuration Vulnerability 2905247 Authors: Thanga Prakash S...
Short Password Reset code vulnerability allows hackers to brute-force many websites
Yesterday we received a vulnerability report in web applications from some unknown Indian Hacker, who explained how hackers are hijacking mobile recharge and free SMS service related websites. He detailed the loophole in the password reset process that could allow attackers to brute force many...