10 matches found
USN-7906-3: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - Cryptographic API; - Android drivers; - TTY drivers; - F2FS file system; - 9P file system netwo...
Zoom ZTP & AudioCodes Phones Flaws Uncovered, Exposing Users to Eavesdropping
Multiple security vulnerabilities have been disclosed in AudioCodes desk phones and Zoom's Zero Touch Provisioning ZTP that could be potentially exploited by a malicious attacker to conduct remote attacks. "An external attacker who leverages the vulnerabilities discovered in AudioCodes Ltd.'s des...
Debian: Security Advisory (DLA-1015-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-1015-1 : libgcrypt11 security update
It was discovered that there was a key disclosure vulnerability in libgcrypt11 a library of cryptographic routines : It is well known that constant-time implementations of modular exponentiation cannot use sliding windows. However, software libraries such as Libgcrypt, used by GnuPG, continue to...
openSUSE Security Update : libxslt (libxslt-110)
A heap overflow in the RC4 cryptographic routines in libxslt was fixed which could be used by attackers to potentially execute code. CVE-2008-2935 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Upda...
CVE-2008-5659
The gnu.java.security.util.PRNG class in GNU Classpath 0.97.2 and earlier uses a predictable seed based on the system time, which makes it easier for context-dependent attackers to conduct brute force attacks against cryptographic routines that use this class for randomness, as demonstrated again...
CVE-2008-5659
The gnu.java.security.util.PRNG class in GNU Classpath 0.97.2 and earlier uses a predictable seed based on the system time, which makes it easier for context-dependent attackers to conduct brute force attacks against cryptographic routines that use this class for randomness, as demonstrated again...
CVE-2008-5659
The CVE-2008-5659 issue affects the GNU Classpath project’s gnu.java.security.util.PRNG class (version 0.97.2 and earlier). The vulnerability stems from a predictable seed based on the system time, enabling context‑dependent attackers to perform brute‑force attempts against cryptographic routines...
CVE-2008-5659
The gnu.java.security.util.PRNG class in GNU Classpath 0.97.2 and earlier uses a predictable seed based on the system time, which makes it easier for context-dependent attackers to conduct brute force attacks against cryptographic routines that use this class for randomness, as demonstrated again...
Re: SYMSA-2006-003: Cisco Secure ACS for Windows - Administrator Password Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Response ============== This is Cisco PSIRT's response to the statements made by Symantec in its advisory: SYMSA-2006-003, posted on May 8, 2006. The original email/advisory is available at:...