295 matches found
D-Link DAR-8000/DAR-7000系列上网行为审计网关 存在任意文件读取
No description provided by source...
D-Link DAR-7000 系列上网行为审计网关 importexport.php 文件SQL注入漏洞
No description provided by source...
D-Link DAR-8000/DAR-7000系列上网行为审计网关 任意sql语句执行
No description provided by source...
Art And Soul Design SQL Injection
Exploit Title: Art And Soul Design SQL Injection Vulnerability Date: 18/01/2012 - 04.24 Author: 3spi0n Software Website: http://www.artandsoul.co.uk/ Tested On: BackTrack 5 - Win7 Ultimate Platform: Php $ Vulnerable File: image.php $ Demo Sites: www.the-picture-box.co.uk/image.php?id=2" SQL...
D-Zayn Web Design Access SQL Injection
Exploit Title: D-Zayn Web Design Access SQL Injecti0n Vulnerability Date: 25/12/2011 Author: 3spi0n Software Website: http://www.d-zayn.com/ Tested On: BackTrack 5 - Win7 Ultimate Platform: Php $ Dorks: "created by d-zayn.com" Vulnerable File : " All Files " $ Demo Sites:...
Yaws 1.80 - Multiple Headers Remote Denial of Service Vulnerabilities
Yaws 1.80 - Multiple Headers Remote Denial of Service Vulnerabilities !usr/bin/perl -w Yaws before 1.80 allows remote attackers to cause a denial of service memory consumption and crash via a request with a large number of headers. Refer: http://yaws.hyber.org/...
Fedora Update for dar FEDORA-2007-0904
Check for the Version of dar OpenVAS Vulnerability Test Fedora Update for dar FEDORA-2007-0904 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...
Fedora 7 : dar-2.3.4-1.fc7 (2007-0904)
Adding CVE reference Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
[SECURITY] Fedora 7 Update: dar-2.3.4-1.fc7
DAR is a command line tool to backup a directory tree and files. DAR is able to make differential backups, split them over a set of disks or files of a given size, use compression, filter files or subtrees to be saved or not saved, directly access and restore given files. DAR is also able to hand...
Design/Logic Flaw
The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptography by 1 discarding random bits by the blowfish::makeivec function in libdar/crypto.cpp that results in predictable and repeating IV values, and 2 direct use of a password for keying, which makes it easier for context-dependent...
CVE-2007-3528
The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptography by 1 discarding random bits by the blowfish::makeivec function in libdar/crypto.cpp that results in predictable and repeating IV values, and 2 direct use of a password for keying, which makes it easier for context-dependent...
CVE-2007-3528
The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptography by 1 discarding random bits by the blowfish::makeivec function in libdar/crypto.cpp that results in predictable and repeating IV values, and 2 direct use of a password for keying, which makes it easier for context-dependent...
CVE-2007-3528
The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptography by 1 discarding random bits by the blowfish::makeivec function in libdar/crypto.cpp that results in predictable and repeating IV values, and 2 direct use of a password for keying, which makes it easier for context-dependent...
CVE-2007-3528
The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptography by 1 discarding random bits by the blowfish::makeivec function in libdar/crypto.cpp that results in predictable and repeating IV values, and 2 direct use of a password for keying, which makes it easier for context-dependent...
CVE-2007-3528
CVE-2007-3528 affects DAR (Digital Alarm Router? actually the DAR project) before version 2.3.4. The vulnerability stems from the Blowfish-CBC mode: (1) make_ivec in libdar/crypto.cpp discards random bits, producing predictable and repeating IVs, and (2) direct use of a password for keying. This ...