Lucene search
K

5407 matches found

CVE
CVE
added 2007/11/01 4:4 p.m.39 views

CVE-2007-5790

The CVE-2007-5790 entry concerns the Globe7 soft phone client 7.3, where the password is protected by weak cryptography described as a reversed sequence of binary values. This vulnerability could allow local users to obtain sensitive information. The available documents state the impact as partia...

2.1CVSS6.2AI score0.003EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2007/10/25 12:0 a.m.32 views

RHEL 2.1 / 3 : openssl (RHSA-2007:0813)

Updated OpenSSL packages that correct security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that implements Secure Sockets Layer SSL v2/v3 and Transport...

6.8CVSS7.2AI score0.16061EPSS
Exploits1References5
Cent OS
Cent OS
added 2007/10/23 11:23 p.m.66 views

openssl security update

CentOS Errata and Security Advisory CESA-2007:0813-01 Updated OpenSSL packages that correct security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that...

6.8CVSS6.8AI score0.16061EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2007/10/22 10:36 a.m.37 views

Moderate: Red Hat Security Advisory: openssl security update

Updated OpenSSL packages that correct security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that implements Secure Sockets Layer SSL v2/v3 and Transport...

6.8CVSS6.8AI score0.16061EPSS
Exploits1References4
securityvulns
securityvulns
added 2007/08/13 12:0 a.m.41 views

OpenSSL cryptographic vulnerability

Montgomery multiplication for elleptic cryptography is not applied in BNfrommontgomery functions, making it possible to retrieve RSA private key of different user...

1.2CVSS3.8AI score0.00409EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2007/08/08 1:52 a.m.16 views

CVE-2005-4860

Spectrum Cash Receipting System before 6.504 uses weak cryptography static substitution in the PASSFILE password file, which makes it easier for local users to gain privileges by decrypting a password...

7.7AI score0.002EPSS
Exploits0References3
CVE
CVE
added 2007/08/08 1:52 a.m.41 views

CVE-2005-4860

Spectrum Cash Receipting System prior to version 6.504 is vulnerable due to weak cryptography (static substitution) in the PASSFILE password file, enabling local users to gain privileges by decrypting a password. Affected: Spectrum Cash Receipting System before 6.504. Root cause: use of static su...

7.8CVSS7.1AI score0.002EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2007/08/04 12:0 a.m.10 views

CVE-2007-4150

The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 uses weak cryptography XOR when 1 transmitting passwords, which allows remote attackers to obtain sensitive information by sniffing the network; and 2 storing passwords in the configuration file, which allows local users to...

6.3AI score0.01046EPSS
Exploits0References3
NVD
NVD
added 2007/08/03 8:17 p.m.18 views

CVE-2007-4150

The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 uses weak cryptography XOR when 1 transmitting passwords, which allows remote attackers to obtain sensitive information by sniffing the network; and 2 storing passwords in the configuration file, which allows local users to...

7.5CVSS7.3AI score0.01046EPSS
Exploits0References3
Prion
Prion
added 2007/08/03 8:17 p.m.22 views

Design/Logic Flaw

The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 uses weak cryptography XOR when 1 transmitting passwords, which allows remote attackers to obtain sensitive information by sniffing the network; and 2 storing passwords in the configuration file, which allows local users to...

5CVSS6.5AI score0.01046EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2007/08/03 8:0 p.m.55 views

CVE-2007-4150

The CVE-2007-4150 issue affects Visionsoft Audit 12.4.0.0 (Visionsoft Audit) where weak cryptography (XOR) is used for passwords: during transmission over the network (passwords can be sniffed) and in the configuration file (local read access can reveal passwords). No further exploit details are ...

7.5CVSS7.3AI score0.01046EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2007/08/03 8:0 p.m.24 views

CVE-2007-4150

The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 uses weak cryptography XOR when 1 transmitting passwords, which allows remote attackers to obtain sensitive information by sniffing the network; and 2 storing passwords in the configuration file, which allows local users to...

7.3AI score0.01046EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2007/08/03 12:0 a.m.4 views

PT-2007-5346 · Visionsoft · Visionsoft Audit

Name of the Vulnerable Software and Affected Versions: Visionsoft Audit version 12.4.0.0 Description: The issue concerns the use of weak cryptography, specifically XOR, in two areas: transmitting passwords over the network and storing passwords in a configuration file. This weakness allows remote...

7.5CVSS7.4AI score0.01046EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2007/07/18 12:0 a.m.22 views

Solaris 10 (x86) : 125794-02

SunOS 5.10x86: cryptmod patch. Date this patch was last updated by Sun : Jul/05/07 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24. C Tenable Network Security, Inc. if !...

6.9CVSS6.7AI score0.00326EPSS
Exploits0References2
NVD
NVD
added 2007/07/03 6:30 p.m.21 views

CVE-2007-3528

The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptography by 1 discarding random bits by the blowfish::makeivec function in libdar/crypto.cpp that results in predictable and repeating IV values, and 2 direct use of a password for keying, which makes it easier for context-dependent...

5CVSS6.5AI score0.0176EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2007/07/03 6:30 p.m.18 views

CVE-2007-3528

The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptography by 1 discarding random bits by the blowfish::makeivec function in libdar/crypto.cpp that results in predictable and repeating IV values, and 2 direct use of a password for keying, which makes it easier for context-dependent...

5CVSS5.9AI score0.0176EPSS
Exploits0References1
Prion
Prion
added 2007/07/03 6:30 p.m.18 views

Design/Logic Flaw

The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptography by 1 discarding random bits by the blowfish::makeivec function in libdar/crypto.cpp that results in predictable and repeating IV values, and 2 direct use of a password for keying, which makes it easier for context-dependent...

5CVSS7.1AI score0.0176EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2007/07/03 6:30 p.m.5 views

CVE-2007-3528

The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptography by 1 discarding random bits by the blowfish::makeivec function in libdar/crypto.cpp that results in predictable and repeating IV values, and 2 direct use of a password for keying, which makes it easier for context-dependent...

6.8AI score
Exploits0References8
Cvelist
Cvelist
added 2007/07/03 6:0 p.m.26 views

CVE-2007-3528

The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptography by 1 discarding random bits by the blowfish::makeivec function in libdar/crypto.cpp that results in predictable and repeating IV values, and 2 direct use of a password for keying, which makes it easier for context-dependent...

6.4AI score0.0176EPSS
Exploits0References8
CVE
CVE
added 2007/07/03 6:0 p.m.47 views

CVE-2007-3528

CVE-2007-3528 affects DAR (Digital Alarm Router? actually the DAR project) before version 2.3.4. The vulnerability stems from the Blowfish-CBC mode: (1) make_ivec in libdar/crypto.cpp discards random bits, producing predictable and repeating IVs, and (2) direct use of a password for keying. This ...

5CVSS6.4AI score0.0176EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder