5397 matches found

Cisco
added 2006/09/05 5:39 p.m. · 35 views

OpenSSL RSA Signature Forgery Vulnerability

OpenSSL versions 0.9.7j and prior and 0.9.8b and prior contain a vulnerability that could allow an unauthenticated, remote attacker to successfully pass a forged X.509 certificate. The vulnerability could allow an unauthenticated, remote attacker to pass a forged Public-Key Cryptography Standards...

CVSS 6.4 · AI score 7 · EPSS 0.00781
Exploits 0 · References 1
Gentoo Linux
added 2006/08/10 12:0 a.m. · 29 views

MIT Kerberos 5: Multiple local privilege escalation vulnerabilities

Background: MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. Description: Unchecked calls to setuid in krshd and v4rcp, as well as unchecked calls ...

CVSS 7.2 · AI score 7.4 · EPSS 0.00512
Exploits 0
Tenable Nessus
added 2006/07/03 12:0 a.m. · 35 views

CentOS 3 / 4 : openssl096b (CESA-2005:830)

Updated OpenSSL096b compatibility packages that fix a remote denial of service vulnerability are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The OpenSSL toolkit implements Secure Sockets Layer (SSL v2/v3), Transport Layer...

CVSS 7.5 · AI score 7.9 · EPSS 0.09537
Exploits 0 · References 7
RedHat Linux
added 2006/04/18 11:12 a.m. · 5 views

security flaw

Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypto.generateCRMFRequest method...

CVSS 9.3 · AI score 7.8 · EPSS 0.09488
Exploits 0 · References 4
securityvulns
added 2006/03/24 12:0 a.m. · 38 views

Password Safe 3.0beta weak cryptography in PRNG

rand is used on systems other than Windows XP...

AI score 1.8
Exploits 0 · References 1
FreeBSD Advisory
added 2006/03/22 12:0 a.m. · 15 views

FreeBSD-SA-06:11.ipsec

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:11.ipsec Security Advisory The FreeBSD Project Topic: IPsec replay attack vulnerability Category: core Module: sysnetipsec Announced: 2006-03-22 Credits: Pawel...

CVSS 7.5 · AI score 5.8 · EPSS 0.01804
Exploits 0
securityvulns
added 2006/02/24 12:0 a.m. · 43 views

Perl Crypt::CBC module weak cryptography

Invalid initialization vector generation algorithm for block ciphers with block sizes other than 8 bytes (Rijndael)...

AI score 4
Exploits 0 · References 1
NVD
added 2005/12/31 5:0 a.m. · 13 views

CVE-2005-4860

Spectrum Cash Receipting System before 6.504 uses weak cryptography (static substitution) in the PASSFILE password file, which makes it easier for local users to gain privileges by decrypting a password...

CVSS 7.8 · AI score 7.7 · EPSS 0.002
Exploits 0 · References 3
Positive Technologies
added 2005/12/31 12:0 a.m. · 4 views

PT-2005-5521 · Spectrum · Spectrum Cash Receipting System

Name of the Vulnerable Software and Affected Versions: Spectrum Cash Receipting System versions prior to 6.504 Description: The issue concerns the use of weak cryptography, specifically static substitution, in the PASSFILE password file. This weakness makes it easier for local users to gain...

CVSS 7.8 · AI score 6.7 · EPSS 0.002
Exploits 0 · References 5
securityvulns
added 2005/12/16 12:0 a.m. · 24 views

Avaya wireless access points weak cryptography

Static WEP key 12345 is used...

AI score 2.5
Exploits 0 · References 1
CVE
added 2005/11/21 11:0 a.m. · 44 views

CVE-2004-2555

Riverdeep FoolProof Security 3.9.x on Windows 98/ME is affected by a cryptographic weakness: the product uses arithmetic and XOR operations to relate the Control password to the Administrator password, enabling local users who know the Control password and password recovery key to compute the Adm...

CVSS 2.1 · AI score 6.9 · EPSS 0.00833
Exploits 1 · References 5 · Affected Software 1
Cvelist
added 2005/11/21 11:0 a.m. · 20 views

CVE-2004-2555

Riverdeep FoolProof Security 3.9.x on Windows 98 and Windows ME uses weak cryptography (arithmetic and XOR operations) to relate the Control password to the Administrator password, which allows local users to calculate the Administrator password if they know the Control password and password recove...

AI score 6.5 · EPSS 0.00833
Exploits 1 · References 5
securityvulns
added 2005/11/17 12:0 a.m. · 27 views

PasswordSafe weak cryptography

A key derived from the user password with a fast algorithm is used as the key for a block cipher, making it easy to brute-force the user password...

AI score 1.8
Exploits 0 · References 1 · Affected Software 2
exploitpack
added 2005/11/05 12:0 a.m. · 24 views

linux-ftpd-ssl 0.17 - MKDCWD Remote Code Execution

linux-ftpd-ssl 0.17 - MKDCWD Remote Code Execution /Oct2005 VER2/ // / lnxFTPDsslwarez.c / / linux-ftpd-ssl 0.17 remote r00t exploit by kcope / / for all of those who installed the ssl ready version / / of linux-ftpd to be more "secure" / / / / be aware of the buffer overflows, / / the code is...

Exploits 0
seebug.org
added 2005/11/05 12:0 a.m. · 38 views

linux-ftpd-ssl 0.17 (MKD/CWD) Remote Root Exploit

No description provided by source. /Oct2005 VER2/ // / lnxFTPDsslwarez.c / / linux-ftpd-ssl 0.17 remote r00t exploit by kcope / / for all of those who installed the ssl ready version / / of linux-ftpd to be more "secure" / / / / be aware of the buffer overflows, / / the code is strong cryto / // ...

AI score 7.1
Exploits 0
Tenable Nessus
added 2005/11/04 12:0 a.m. · 36 views

RHEL 2.1 : openssl (RHSA-2005:829)

Updated OpenSSL packages that fix a remote denial of service vulnerability are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having important security impact by the Red Hat Security Response Team. The OpenSSL toolkit implements Secure Sockets Layer (SSL v2/v3),...

CVSS 7.5 · AI score 8.1 · EPSS 0.09537
Exploits 0 · References 3
Tenable Nessus
added 2005/10/19 12:0 a.m. · 50 views

Mandrake Linux Security Advisory : openssl (MDKSA-2005:179)

Yutaka Oiwa discovered a vulnerability that potentially affects applications that use the SSL/TLS server implementation provided by OpenSSL. Such applications are affected if they use the option SSL_OP_MSIE_SSLV2_RSA_PADDING. This option is implied by use of SSL_OP_ALL, which is intended to work around various...

CVSS 7.5 · AI score 6.4 · EPSS 0.04866
Exploits 0 · References 2
securityvulns
added 2005/10/11 12:0 a.m. · 47 views

OpenSSL SSL 2.0 rollback (weak cryptography)

An active man-in-the-middle attacker can force a rollback to the SSL 2.0 protocol, with its known cryptographic weakness, for both client and server if the SSL_OP_MSIE_SSLV2_RSA_PADDING or SSL_OP_ALL configuration option is enabled...

AI score 3.3
Exploits 0 · References 1 · Affected Software 1
Tenable Nessus
added 2005/09/17 12:0 a.m. · 38 views

RHEL 2.1 : mod_ssl (RHSA-2005:773)

An updated mod_ssl package for Apache that corrects a security issue is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The mod_ssl module provides strong cryptography for the Apache Web server via the Secure Sockets Layer (SSL) and...

CVSS 10 · AI score 6.5 · EPSS 0.30576
Exploits 0 · References 3
Debian
added 2005/09/12 2:21 p.m. · 28 views

[SECURITY] [DSA 807-1] New mod_ssl packages fix acl restriction bypass

-------------------------------------------------------------------------- Debian Security Advisory DSA 807-1 [email protected] http://www.debian.org/security/ Martin Schulze September 12th, 2005 http://www.debian.org/security/faq -...

CVSS 10 · AI score 0.4 · EPSS 0.30576
Exploits 0