CVE-2006-0898

Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector IV of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...

DEBIAN-CVE-2006-0898

Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector IV of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...

CVE-2006-0898

Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector IV of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...

Code injection

Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector IV of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...

CVE-2006-0898

Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector IV of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...

CVE-2006-0898

Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector IV of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...

CVE-2006-0898

CVE-2006-0898 affects the Perl module Crypt::CBC (versions up to 2.16) when running in RandomIV mode, where an 8-byte IV is used. This leads to weaker encryption for ciphers with block sizes larger than 8 bytes (e.g., Rijndael). Multiple connected advisories note a fixed/enhancement path via upda...

Perl Crypt::CBC module weak cryptography

Invalid Initialization vector generation algorithm for block cyphers with blocks different from 8 bytes Rijndael...

Vulnerability in Crypt::CBC Perl module, versions <= 2.16

Perl Module Security Advisory ------------------------------------------------------------------------------- Title: Crypt::CBC ciphertext weakness when using certain block algorithms Severity: High Versions: All versions = 2.16. Date: 23 February 2006...

Mandrake Linux Security Advisory : kernel (MDKSA-2006:040)

A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel : The udpv6getport function in udp.c, when running IPv6, allows local users to cause a Denial of Service infinite loop and crash CVE-2005-2973. The mqopen system call in certain situations can decrement a counter...

Ubuntu 4.10 / 5.04 / 5.10 : linux-source-2.6.8.1/-2.6.10/-2.6.12 vulnerabilities (USN-244-1)

Doug Chapman discovered a flaw in the reference counting in the sysmqopen function. By calling this function in a special way, a local attacker could exploit this to cause a kernel crash. CVE-2005-3356 Karl Janmar discovered that the /proc file system module used signed data types in a wrong way....

Linux kernel multiple vulnerabilities

TwinHan DST Frontend/Card DVB driver buffer overflow, dm-crypt module doesn't clear memory...

Information disclosure

dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key...

CVE-2006-0095

dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key...

CVE-2006-0095

dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key...

CVE-2006-0095

dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key...

CVE-2006-0095

CVE-2006-0095 affects dm-crypt in Linux kernel 2.6.15 and earlier, where an internal structure isn’t cleared before freeing, potentially leaking cryptographic key material to local users. Connected advisories (e.g., RHSA-2006:0132 and Debian DSA-1017-1) confirm the issue and describe the fix as a...

CVE-2004-2337

The /.inlook/.crypt file for inlook 0.7.3 and earlier is installed with world readable permissions, which allows local users to obtain user POP3 credentials...

CVE-2004-2337

The CVE-2004-2337 entry concerns the file /.inlook/.crypt in inlook 0.7.3 and earlier, which is installed with world readable permissions. This allows local users to access POP3 credentials stored by the application. The root cause is improper permissions on the .crypt file, leading to confidenti...

CVE-2004-2136

dm-crypt on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption...