CVE-2012-4698

Siemens RuggedCom Rugged Operating System ROS before 3.12, ROX I OS through 1.14.5, ROX II OS through 2.3.0, and RuggedMax OS through 4.2.1.4621.22 use hardcoded private keys for SSL and SSH communication, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network...

Fedora Update for plexus-cipher FEDORA-2012-19267

Check for the Version of plexus-cipher OpenVAS Vulnerability Test Fedora Update for plexus-cipher FEDORA-2012-19267 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Fedora Update for plexus-cipher FEDORA-2012-19233

Check for the Version of plexus-cipher OpenVAS Vulnerability Test Fedora Update for plexus-cipher FEDORA-2012-19233 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

[SECURITY] Fedora 18 Update: plexus-cipher-1.5-11.fc18

Plexus Cipher: encryption/decryption Component...

[SECURITY] Fedora 16 Update: plexus-cipher-1.5-11.fc16

Plexus Cipher: encryption/decryption Component...

[SECURITY] Fedora 17 Update: plexus-cipher-1.5-11.fc17

Plexus Cipher: encryption/decryption Component...

DEBIAN-CVE-2012-6059

The dissectisakmp function in epan/dissectors/packet-isakmp.c in the ISAKMP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data structure to determine IKEv2 decryption parameters, which allows remote attackers to cause a denial of service application crash via...

CVE-2012-6059

The dissectisakmp function in epan/dissectors/packet-isakmp.c in the ISAKMP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data structure to determine IKEv2 decryption parameters, which allows remote attackers to cause a denial of service application crash via...

NGS000193 Technical Advisory: DataArmor Full Disk Encryption Restricted Environment breakout

======= Summary ======= Name: DataArmor Full Disk Encryption - Restricted Environment breakout, Privilege Escalation and Full Disk Decryption Release Date: 30 November 2012 Reference: NGS00193 Discoverer: Stuart Passe [email protected] Vendor: Mobile Armor Vendor Reference: KB 1060043...

DataArmor / DriveArmor Privilege Escalation / Decryption Vulnerability

DataArmor and DriveArmor versions prior to 3.0.12.861 suffer from restricted environment breakout, privilege escalation, and full disk decryption vulnerabilities. ======= Summary ======= Name: DataArmor Full Disk Encryption - Restricted Environment breakout, Privilege Escalation and Full Disk...

DataArmor / DriveArmor Privilege Escalation / Decryption

======= Summary ======= Name: DataArmor Full Disk Encryption - Restricted Environment breakout, Privilege Escalation and Full Disk Decryption Release Date: 30 November 2012 Reference: NGS00193 Discoverer: Stuart Passe Vendor: Mobile Armor Vendor Reference: KB 1060043 Systems Affected: All version...

CVE-2012-4409

Stack-based buffer overflow in the checkfilehead function in extra.c in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to execute arbitrary code via an encrypted file with a crafted header containing long salt data that is not properly handled during decryption...

CVE-2012-4409

Stack-based buffer overflow in the checkfilehead function in extra.c in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to execute arbitrary code via an encrypted file with a crafted header containing long salt data that is not properly handled during decryption...

SSL Certificate Signed with the Compromised FortiGate Key

The X.509 certificate of the remote host was signed by a certificate belonging to a Certificate Authority CA found in FortiGate devices. The private key corresponding to the CA has been compromised, meaning that the remote host's X.509 certificate cannot be trusted. Certificate chains descending...

Huawei (Multiple Products) - Password Encryption

Huawei Multiple Products - Password Encryption source: https://www.securityfocus.com/bid/56510/info Multiple Huawei products are prone to a weak password encryption weakness. Successful exploits may allow an attacker to decrypt stored passwords; this may aid in further attacks. The following are...

Huawei (Multiple Products) - Password Encryption

source: https://www.securityfocus.com/bid/56510/info Multiple Huawei products are prone to a weak password encryption weakness. Successful exploits may allow an attacker to decrypt stored passwords; this may aid in further attacks. The following are vulnerable: Huawei Quidway series Huawei CX600...

[Android Privacy Guard v1.0.8] OpenPGP for Android

There's no public key encryption for Android yet, but that's an important feature for many of us. Android Privacy Guard is to manage OpenPGP keys on your phone, use them to encrypt, sign, decrypt emails and files. Change log v1.0.8 HKP key server support app2sd support more pass phrase cache...

[TCHead] TrueCrypt Password Cracking Tool

TCHead is software that decrypts and verifies TrueCrypt headers. TCHead supports all the current hashes, individual ciphers, standard volume headers, hidden volume headers and system drive encrypted headers preboot authentication. Brute-force TrueCrypt : However, TrueCrypt passwords go through ma...

Social Engineers Launch New Attack on Embattled Banks

As a number of major U.S. financial institutions deal with the aftermath of what was perhaps the largest DDoS campaign ever, researchers at FireEye are reporting on a separate phishing attack that establishes a channel of malicious communications on its victims’ computers. The attack is affecting...

openssl: uninitialized SSL 3.0 padding

The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer...