Lucene search
K

7 matches found

UbuntuCve
UbuntuCve
added 2017/08/07 8:29 p.m.28 views

CVE-2014-3462

The ".encfs6.xml" configuration file in encfs before 1.7.5 allows remote attackers to access sensitive data by setting "blockMACBytes" to 0 and adding 8 to "blockMACRandBytes"...

7.5CVSS7.1AI score0.03112EPSS
Exploits0References3
OSV
OSV
added 2017/08/07 8:29 p.m.7 views

CVE-2014-3462

The ".encfs6.xml" configuration file in encfs before 1.7.5 allows remote attackers to access sensitive data by setting "blockMACBytes" to 0 and adding 8 to "blockMACRandBytes"...

7.5CVSS7.5AI score
Exploits0References6
CVE
CVE
added 2017/08/07 8:0 p.m.88 views

CVE-2014-3462

The CVE-2014-3462 issue affects encfs before 1.7.5, where the .encfs6.xml configuration file can be manipulated by setting blockMACBytes to 0 and increasing blockMACRandBytes by 8, enabling a remote attacker to access sensitive data. Public reports consistently describe this as a data disclosure ...

7.5CVSS7.3AI score0.03112EPSS
Exploits0References4Affected Software2
Debian CVE
Debian CVE
added 2017/08/07 8:0 p.m.24 views

CVE-2014-3462

The ".encfs6.xml" configuration file in encfs before 1.7.5 allows remote attackers to access sensitive data by setting "blockMACBytes" to 0 and adding 8 to "blockMACRandBytes"...

7.5CVSS7.4AI score0.03112EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/01/17 12:0 a.m.25 views

openSUSE Security Update : encfs (openSUSE-2017-82)

This update for encfs fixes the following issues : - A new option --require-macs was added to address CVE-2014-3462 boo878257 This will now trigger a warning if MAC headers were disabled via configuration. In addition, encfs was updated to 1.8.1 including all upstream improvements and fixes...

7.5CVSS7.2AI score0.03112EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2016/01/21 12:0 a.m.23 views

Mageia: Security Advisory (MGASA-2016-0026)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.03112EPSS
Exploits0References4
Mageia
Mageia
added 2016/01/20 5:53 p.m.42 views

Updated encfs packages fix security vulnerability

A local attacker can utilize a possible buffer overflow in the encodeName method of StreamNameIO and BlockNameIO to execute arbitrary code or cause a Denial of Service. Also multiple weak cryptographics practices have been found in encfs CVE-2014-3462...

7.5CVSS8.2AI score0.03112EPSS
Exploits0References2
Rows per page
Query Builder