Lucene search
K

2878 matches found

OSV
OSV
added 2010/09/17 6:0 p.m.2 views

DEBIAN-CVE-2010-3073

SSLCipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms...

2.1CVSS6.1AI score0.00713EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2010/09/17 6:0 p.m.18 views

CVE-2010-3075

EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated by an attack on encrypted data in which the las...

5CVSS5.8AI score0.02063EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2010/09/17 6:0 p.m.18 views

CVE-2010-3074

SSLCipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a watermark attack...

2.1CVSS5.9AI score0.00386EPSS
Exploits0References1
Prion
Prion
added 2010/09/17 6:0 p.m.15 views

Input validation

SSLCipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a watermark attack...

2.1CVSS6.1AI score0.00386EPSS
Exploits0References15Affected Software1
Prion
Prion
added 2010/09/17 6:0 p.m.13 views

Design/Logic Flaw

SSLCipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms...

2.1CVSS6.1AI score0.00713EPSS
Exploits0References13Affected Software1
OSV
OSV
added 2010/09/17 6:0 p.m.9 views

UBUNTU-CVE-2010-3074

SSLCipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a watermark attack...

2.1CVSS5.8AI score0.00386EPSS
Exploits0References2
CVE
CVE
added 2010/09/17 5:46 p.m.62 views

CVE-2010-3075

EncFS prior to 1.7.0 uses CFB with the same initialization vector across multiple blocks, enabling local attackers to recover XORed data and reveal sensitive information (e.g., last block containing a single byte). The vulnerability is documented across multiple sources (e.g., SUSE advisories not...

5CVSS5.7AI score0.02063EPSS
Exploits0References12Affected Software1
CVE
CVE
added 2010/09/17 5:46 p.m.44 views

CVE-2010-3074

CVE-2010-3074 affects EncFS prior to 1.7.0, where SSL_Cipher.cpp uses an improper combination of AES and CBC modes for encrypted filesystems. This configuration enables a watermarking-like information exposure via local access. Several sources (NVD entry and vendor/OSS advisories) corroborate the...

2.1CVSS5.6AI score0.00386EPSS
Exploits0References15Affected Software1
Cvelist
Cvelist
added 2010/09/17 5:46 p.m.20 views

CVE-2010-3075

EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated by an attack on encrypted data in which the las...

5.5AI score0.02063EPSS
Exploits0References12
Debian CVE
Debian CVE
added 2010/09/17 5:46 p.m.15 views

CVE-2010-3075

EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated by an attack on encrypted data in which the las...

5CVSS5.6AI score0.02063EPSS
Exploits0
Debian CVE
Debian CVE
added 2010/09/17 5:46 p.m.16 views

CVE-2010-3074

SSLCipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a watermark attack...

2.1CVSS5.5AI score0.00386EPSS
Exploits0
Cvelist
Cvelist
added 2010/09/17 5:46 p.m.23 views

CVE-2010-3074

SSLCipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a watermark attack...

5.5AI score0.00386EPSS
Exploits0References15
exploitpack
exploitpack
added 2010/08/26 12:0 a.m.12 views

EncFS 1.6.0 - Flawed CBCCFB Cryptography Implementation

EncFS 1.6.0 - Flawed CBCCFB Cryptography Implementation source: https://www.securityfocus.com/bid/42779/info EncFS is prone to design errors in its cryptographic implementation. Three flaws have been identified that contribute to a weakening of the protections provided under CBC/CFB cipher mode...

7.4AI score
Exploits0
NVD
NVD
added 2010/05/21 8:30 p.m.18 views

CVE-2010-2011

Microsoft Dynamics GP uses a substitution cipher to encrypt the system password field and unspecified other fields, which makes it easier for remote authenticated users to obtain sensitive information by decrypting a field's contents...

4CVSS6AI score0.10741EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2010/05/21 8:30 p.m.3 views

CVE-2010-2011

Microsoft Dynamics GP uses a substitution cipher to encrypt the system password field and unspecified other fields, which makes it easier for remote authenticated users to obtain sensitive information by decrypting a field's contents...

4CVSS5.6AI score0.10741EPSS
Exploits0References5
Cvelist
Cvelist
added 2010/05/21 8:0 p.m.15 views

CVE-2010-2011

Microsoft Dynamics GP uses a substitution cipher to encrypt the system password field and unspecified other fields, which makes it easier for remote authenticated users to obtain sensitive information by decrypting a field's contents...

6AI score0.10741EPSS
Exploits0References3
CVE
CVE
added 2010/05/21 8:0 p.m.42 views

CVE-2010-2011

Microsoft Dynamics GP is affected by CVE-2010-2011, where a substitution cipher used to encrypt the system password field (and unspecified other fields) can allow remote authenticated users to decrypt content and obtain sensitive information. The vulnerability stems from weak/encryption method us...

4CVSS6.1AI score0.10741EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2010/04/16 12:0 a.m.139 views

SSL/TLS: Cipher Settings

This plugin allows to overwrite the internal classification of SSL/TLS Ciphers used for the reporting of Strong, Medium and Weak Ciphers within the following VTs: - SSL/TLS: Report Non Weak Cipher Suites OID: 1.3.6.1.4.1.25623.1.0.103441 - SSL/TLS: Report Medium Cipher Suites OID:...

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2010/04/13 12:0 a.m.103 views

SSL/TLS: Check Supported Cipher Suites

This routine connects to a SSL/TLS service and checks the quality of the accepted cipher suites. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

5.8AI score
Exploits0
OpenVAS
OpenVAS
added 2010/03/31 12:0 a.m.88 views

RedHat Update for openssl RHSA-2010:0162-01

Check for the Version of openssl OpenVAS Vulnerability Test RedHat Update for openssl RHSA-2010:0162-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

10CVSS7.9AI score0.87264EPSS
Exploits15References2
Rows per page
Query Builder