12 matches found
Debian DSA-3673-1 : openssl - security update
Several vulnerabilities were discovered in OpenSSL : - CVE-2016-2177 Guido Vranken discovered that OpenSSL uses undefined pointer arithmetic. Additional information can be found at https://www.openssl.org/blog/blog/2016/06/27/undefined-p ointer-arithmetic/ - CVE-2016-2178 Cesar Pereida, Billy...
DSA-3673-2 openssl - regression update
Bulletin has no description...
[SECURITY] [DSA 3673-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3673-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 22, 2016 https://www.debian.org/security/faq -...
RHEL 5 : MRG (RHSA-2014:0441)
Updated Messaging component packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2.5 for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common...
CVE-2013-6445
Cumin aka MRG Management Console, as used in Red Hat Enterprise MRG 2.5, uses the DES-based crypt function to hash passwords, which makes it easier for attackers to obtain sensitive information via a brute-force attack...
CVE-2013-6445
Cumin aka MRG Management Console, as used in Red Hat Enterprise MRG 2.5, uses the DES-based crypt function to hash passwords, which makes it easier for attackers to obtain sensitive information via a brute-force attack...
cumin: weak password hashing
Cumin aka MRG Management Console, as used in Red Hat Enterprise MRG 2.5, uses the DES-based crypt function to hash passwords, which makes it easier for attackers to obtain sensitive information via a brute-force attack...
Default credentials
The cryptdes aka DES-based crypt function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an...
CVE-2012-2143
The cryptdes aka DES-based crypt function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an...
CVE-2012-2143
CVE-2012-2143 : The crypt_des (DES-based crypt) function in FreeBSD, as used by PHP, PostgreSQL, and other products, does not process the complete cleartext password when the password contains a 0x80 byte. This can allow context-dependent attackers to obtain access via an authentication attempt t...
Medium: php
Issue Overview: Integer overflow in the pharparsetarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted tar file that triggers a heap-based...
DSA-2491-1 postgresql-8.4 - several
Bulletin has no description...