1122 matches found
CentOS Update for postgresql CESA-2011:1377 centos5 x86_64
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS Update for postgresql CESA-2011:1377 centos4 x86_64
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS Update for postgresql CESA-2012:1036 centos5
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
php security update
CentOS Errata and Security Advisory CESA-2012:1046 Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...
Default credentials
The cryptdes aka DES-based crypt function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an...
CVE-2012-2143
The cryptdes aka DES-based crypt function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an...
CVE-2012-2143
CVE-2012-2143 : The crypt_des (DES-based crypt) function in FreeBSD, as used by PHP, PostgreSQL, and other products, does not process the complete cleartext password when the password contains a 0x80 byte. This can allow context-dependent attackers to obtain access via an authentication attempt t...
Medium: php
Issue Overview: Integer overflow in the pharparsetarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted tar file that triggers a heap-based...
Fedora 16 : maniadrive-1.2-32.fc16.6 / php-5.3.14-1.fc16 / php-eaccelerator-0.9.6.1-9.fc16.6 (2012-9762)
The PHP development team would like to announce the immediate availability of PHP 5.3.14. All users of PHP are encouraged to upgrade to PHP 5.3.14. The release fixes multiple security issues: A weakness in the DES implementation of crypt and a heap overflow issue in the phar extension. PHP 5.3.14...
RedHat Update for postgresql RHSA-2012:1036-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
FreeBSD : FreeBSD -- Incorrect crypt() hashing (185ff22e-c066-11e1-b5e0-000c299b62e1)
Problem description : There is a programming error in the DES implementation used in crypt when handling input which contains characters that cannot be represented with 7-bit ASCII. When the input contains characters with only the most significant bit set 0x80, that character and all characters...
Moderate: Red Hat Security Advisory: php53 security update
Updated php53 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
crypt(): DES encrypted password weakness
The cryptdes aka DES-based crypt function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an...
RHEL 5 : postgresql (RHSA-2012:1036)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:1036 advisory. - BSD crypt: DES encrypted password weakness CVE-2012-2143 Note that Nessus has not tested for this issue but has instead relied only on the...
Mandriva Linux Security Advisory : php (MDVSA-2012:093)
Multiple vulnerabilities has been identified and fixed in php : There is a programming error in the DES implementation used in crypt in ext/standard/cryptfreesec.c when handling input which contains characters that can not be represented with 7-bit ASCII. When the input contains characters with...
PHP 5.4.x < 5.4.4 Multiple Vulnerabilities
According to its banner, the version of PHP installed on the remote host is 5.4.x earlier than 5.4.4, and as such is potentially affected the following vulnerabilities : - An integer overflow error exists in the function 'pharparsetarfile' in the file 'ext/phar/tar.c'. This error can lead to a...
PHP 5.3.x < 5.3.14 Multiple Vulnerabilities
According to its banner, the version of PHP installed on the remote host is 5.3.x earlier than 5.3.14, and is, therefore, potentially affected the following vulnerabilities : - An integer overflow error exists in the function 'pharparsetarfile' in the file 'ext/phar/tar.c'. This error can lead to...
Mandriva Linux Security Advisory : postgresql (MDVSA-2012:092)
Multiple vulnerabilities has been discovered and corrected in postgresql : Fix incorrect password transformation in contrib/pgcrypto's DES crypt function Solar Designer. If a password string contained the byte value 0x80, the remainder of the password was ignored, causing the password to be much...
FreeBSD Security Advisory FreeBSD-SA-12:02.crypt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-12:02.crypt Security Advisory The FreeBSD Project Topic: Incorrect crypt hashing Category: core Module: libcrypt Announced: 2012-05-30 Credits: Rubin Xu, Joseph...
FreeBSD crypt() implementation vulnerability
8-bit characters are ignored during DES hash calculation...