2878 matches found
DEBIAN-CVE-2010-3073
SSLCipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms...
CVE-2010-3075
EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated by an attack on encrypted data in which the las...
CVE-2010-3074
SSLCipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a watermark attack...
Input validation
SSLCipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a watermark attack...
Design/Logic Flaw
SSLCipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms...
UBUNTU-CVE-2010-3074
SSLCipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a watermark attack...
CVE-2010-3075
EncFS prior to 1.7.0 uses CFB with the same initialization vector across multiple blocks, enabling local attackers to recover XORed data and reveal sensitive information (e.g., last block containing a single byte). The vulnerability is documented across multiple sources (e.g., SUSE advisories not...
CVE-2010-3074
CVE-2010-3074 affects EncFS prior to 1.7.0, where SSL_Cipher.cpp uses an improper combination of AES and CBC modes for encrypted filesystems. This configuration enables a watermarking-like information exposure via local access. Several sources (NVD entry and vendor/OSS advisories) corroborate the...
CVE-2010-3075
EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated by an attack on encrypted data in which the las...
CVE-2010-3075
EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated by an attack on encrypted data in which the las...
CVE-2010-3074
SSLCipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a watermark attack...
CVE-2010-3074
SSLCipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a watermark attack...
EncFS 1.6.0 - Flawed CBCCFB Cryptography Implementation
EncFS 1.6.0 - Flawed CBCCFB Cryptography Implementation source: https://www.securityfocus.com/bid/42779/info EncFS is prone to design errors in its cryptographic implementation. Three flaws have been identified that contribute to a weakening of the protections provided under CBC/CFB cipher mode...
CVE-2010-2011
Microsoft Dynamics GP uses a substitution cipher to encrypt the system password field and unspecified other fields, which makes it easier for remote authenticated users to obtain sensitive information by decrypting a field's contents...
CVE-2010-2011
Microsoft Dynamics GP uses a substitution cipher to encrypt the system password field and unspecified other fields, which makes it easier for remote authenticated users to obtain sensitive information by decrypting a field's contents...
CVE-2010-2011
Microsoft Dynamics GP uses a substitution cipher to encrypt the system password field and unspecified other fields, which makes it easier for remote authenticated users to obtain sensitive information by decrypting a field's contents...
CVE-2010-2011
Microsoft Dynamics GP is affected by CVE-2010-2011, where a substitution cipher used to encrypt the system password field (and unspecified other fields) can allow remote authenticated users to decrypt content and obtain sensitive information. The vulnerability stems from weak/encryption method us...
SSL/TLS: Cipher Settings
This plugin allows to overwrite the internal classification of SSL/TLS Ciphers used for the reporting of Strong, Medium and Weak Ciphers within the following VTs: - SSL/TLS: Report Non Weak Cipher Suites OID: 1.3.6.1.4.1.25623.1.0.103441 - SSL/TLS: Report Medium Cipher Suites OID:...
SSL/TLS: Check Supported Cipher Suites
This routine connects to a SSL/TLS service and checks the quality of the accepted cipher suites. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...
RedHat Update for openssl RHSA-2010:0162-01
Check for the Version of openssl OpenVAS Vulnerability Test RedHat Update for openssl RHSA-2010:0162-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...