10 matches found
CVE-2013-1430
An issue was discovered in xrdp before 0.9.1. When successfully logging in using RDP into an xrdp session, the file /.vnc/sesman$usernamepasswd is created. Its content is the equivalent of the user's cleartext password, DES encrypted with a known key...
Null pointer dereference
KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pwencrypt functions, which allows remote attackers to cause a denial of service NULL pointer dereference and crash via 1 an invalid salt or a 2 DES or 3 MD5 encrypted password, when FIPS-140 is...
AIX 5.3 TL 9 : ftpd (IZ83252)
There is a buffer overflow vulnerability in the ftp server. By issuing an overly long NLST command, an attacker may cause a buffer overflow. The successful exploitation of this vulnerability allows a remote attacker to get the DES encrypted user hashes off the server if FTP is configured to allow...
AIX 5.3 TL 11 : ftpd (IZ83275)
There is a buffer overflow vulnerability in the ftp server. By issuing an overly long NLST command, an attacker may cause a buffer overflow. The successful exploitation of this vulnerability allows a remote attacker to get the DES encrypted user hashes off the server if FTP is configured to allow...
RHEL 5 / 6 : postgresql and postgresql84 (RHSA-2012:1037)
The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:1037 advisory. - BSD crypt: DES encrypted password weakness CVE-2012-2143 - postgresql: Ability of database owners to install procedural languages via...
AIX 5.3 TL 12 : bos.net.tcp.client (U838600)
The remote host is missing AIX PTF U838600, which is related to the security of the package bos.net.tcp.client. There is a buffer overflow vulnerability in the ftp server. By issuing an overly long NLST command, an attacker may cause a buffer overflow. The successful exploitation of this...
AIX 5.3 TL 11 : bos.net.tcp.client (U838020)
The remote host is missing AIX PTF U838020, which is related to the security of the package bos.net.tcp.client. There is a buffer overflow vulnerability in the ftp server. By issuing an overly long NLST command, an attacker may cause a buffer overflow. The successful exploitation of this...
[UNIX] WebAPP Directory Traversal and Encrypted DES Disclosure
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
WebAPP directory traversal and ability to retrieve the DES encrypted password hash
WebAPP is advertised as the internet's most feature rich, easy to run PERL based portal system. Its home site is at http://www.web-app.org/ Some features are : -Easy to Install on standard Unix servers! Windows user-supported only! -User Profiles -Message forums -Private messaging between members...
Дырка в Banner Rotation 01
Файл adpassword.txt открытый на чтение содаржит шифрованный DES пароль администрирования. Кроме того по-умолчанию используется пароль admin...