733 matches found
CVE-2008-3188
CVE-2008-3188 concerns libxcrypt in SUSE openSUSE 11.0. The root cause is that when the MD5 password-hash setting is configured, libxcrypt still uses DES, enabling easier brute-force attacks on hashed passwords. This vulnerability affects openSUSE 11.0 where MD5 is configured but DES is used inst...
CVE-2008-3188
libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5 algorithm, which makes it easier for attackers to conduct brute-force attacks against hashed passwords...
PT-2008-4605 · Suse · Opensuse
Name of the Vulnerable Software and Affected Versions: SUSE openSUSE version 11.0 Description: The issue makes it easier for attackers to conduct brute-force attacks against hashed passwords due to the use of the DES algorithm when the configuration specifies the MD5 algorithm. Recommendations: F...
Unfixed XSS vulnerability at www.annuaire-des-transports.com
Security researcher xerces, has submitted on 20/06/2008 a cross-site-scripting XSS vulnerability affecting www.annuaire-des-transports.com, which at the time of submission ranked 457475 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 12/07/2008...
Unfixed XSS vulnerability at www.protection-des-animaux.org
Security researcher Mystick, has submitted on 06/10/2008 a cross-site-scripting XSS vulnerability affecting www.protection-des-animaux.org, which at the time of submission ranked 252517 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 29/03/2009...
Novell Client nwspool.dll EnumPrinters buffer overflow
Added: 02/22/2008 CVE: CVE-2008-0639 BID: 27741 OSVDB: 41510 Background Novell Client software provides NetWare connectivity to Windows platforms. Problem The nwspool.dll library in Novell Client is affected by a buffer overflow in the EnumPrinters function, allowing remote attackers to execute...
Debian Security Advisory DSA 273-1 (krb4)
The remote host is missing an update to krb4 announced via advisory DSA 273-1. OpenVAS Vulnerability Test $Id: deb2731.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 273-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian: Security Advisory (DSA-269)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Samba lsa_io_trans_names buffer overflow
Added: 12/24/2007 CVE: CVE-2007-2446 BID: 24195 OSVDB: 34699 Background Samba is a software package which implements the SMB protocol on a variety of platforms, providing compatibility with Windows systems. Problem A vulnerability in the LSA RPC interface allows a remote attacker to execute...
Unfixed XSS vulnerability at www.annuairedesentreprisesadie.org
Security researcher BackDoor, has submitted on 09/10/2007 a cross-site-scripting XSS vulnerability affecting www.annuairedesentreprisesadie.org, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 30/10/2007...
Novell Client 4.91 SP4 nwspool.dll buffer overflow
Added: 08/10/2007 CVE: CVE-2007-6701 BID: 25092 OSVDB: 37319 Background Novell Client software provides NetWare connectivity to Windows platforms. Problem The nwspool.dll library in Novell Client is affected by buffer overflow vulnerabilities in several different functions, allowing remote...
Novell Client 4.91 SP4 nwspool.dll buffer overflow
Added: 08/10/2007 CVE: CVE-2007-6701 BID: 25092 OSVDB: 37319 Background Novell Client software provides NetWare connectivity to Windows platforms. Problem The nwspool.dll library in Novell Client is affected by buffer overflow vulnerabilities in several different functions, allowing remote...
Computer Associates Alert Notification Server buffer overflow
Added: 07/19/2007 CVE: CVE-2007-3825 BID: 24947 OSVDB: 36096 Background The Alert Notification Server is included with multiple Computer Associates products to provide notifications to console users. Problem The Alert Notification Server is affected by buffer overflow vulnerabilities in multiple...
Computer Associates Alert Notification Server buffer overflow
Added: 07/19/2007 CVE: CVE-2007-3825 BID: 24947 OSVDB: 36096 Background The Alert Notification Server is included with multiple Computer Associates products to provide notifications to console users. Problem The Alert Notification Server is affected by buffer overflow vulnerabilities in multiple...
realtor-sql.txt
--==+================================================================================+==-- --==+ Realtor 747 SQL Injection Vulnerbility +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZz & xprog SITE: http://www.it747.com/realtor747...
Realtor 747 (index.php categoryid) Remote SQL Injection Vulnerbility
Exploit for unknown platform in category web applications ==================================================================== Realtor 747 index.php categoryid Remote SQL Injection Vulnerbility ====================================================================...
Realtor 747 - index.php?categoryId SQL Injection
Realtor 747 - index.php?categoryId SQL Injection --==+================================================================================+==-- --==+ Realtor 747 SQL Injection Vulnerbility +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZ...
CVE-2007-2332
Nortel VPN Router aka Contivity 1000, 2000, 4000, and 5000 before 605.140 uses a fixed DES key to encrypt passwords, which allows remote authenticated users to obtain a password via a brute force attack on a hash from the LDAP store...
CVE-2007-2332
The CVE-2007-2332 issue affects Nortel VPN Router (Contivity) models 1000/2000/4000/5000 prior to 6_05.140. The underlying weakness is a fixed DES key used to encrypt passwords, enabling remote authenticated users to brute-force a password from the LDAP store. Impact is credential exposure for pa...
Unix/BSD/Linux the password mechanism of the century-vulnerability and early warning-the black bar safety net
Freebird [email protected] 1. Overview Early U N I X system to a user password stored in a plain text readable“password file”, which may be in the system administrator's attention to the case of not being intercepted and exposed. It also may have been in one accident in the leak. From AT&T UNIX...