Lucene search
K

181 matches found

NVD
NVD
added 2015/01/18 6:59 p.m.18 views

CVE-2013-7252

kwalletd in KWallet before KDE Applications 14.12.0 uses Blowfish with ECB mode instead of CBC mode when encrypting the password store, which makes it easier for attackers to guess passwords via a codebook attack...

5CVSS6.3AI score0.02147EPSS
Exploits1References7
Prion
Prion
added 2015/01/18 6:59 p.m.14 views

Code injection

kwalletd in KWallet before KDE Applications 14.12.0 uses Blowfish with ECB mode instead of CBC mode when encrypting the password store, which makes it easier for attackers to guess passwords via a codebook attack...

5CVSS6.9AI score0.02147EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2015/01/18 6:0 p.m.56 views

CVE-2013-7252

KWallet's kwalletd (KWallet before KDE Applications 14.12.0) uses Blowfish with ECB mode to encrypt the password store instead of CBC, enabling codebook-style attacks to guess passwords when the password store is accessible. This vulnerability is documented across multiple advisories (GLSA-201606...

5CVSS6.4AI score0.02147EPSS
Exploits1References7Affected Software1
Debian CVE
Debian CVE
added 2015/01/18 6:0 p.m.30 views

CVE-2013-7252

Removed by vendor...

5CVSS6.7AI score0.02147EPSS
Exploits1
0day.today
0day.today
added 2015/01/07 12:0 a.m.68 views

McAfee ePolicy Orchestrator Authenticated XXE Credential Exposure Exploit

This Metasploit module will exploit an authenticated XXE vulnerability to read the keystore.properties off of the filesystem. This properties file contains an encrypted password that is set during installation. What is interesting about this password is that it is set as the same password as the...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2014/12/01 12:0 a.m.36 views

KDE Konversation / Quassel IRC memory corruption

Memory corruption on ECB decryption...

5CVSS3.4AI score0.0355EPSS
Exploits0References1Affected Software2
securityvulns
securityvulns
added 2014/12/01 12:0 a.m.61 views

[USN-2401-1] Konversation vulnerability

========================================================================== Ubuntu Security Notice USN-2401-1 November 10, 2014 konversation vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivative...

5CVSS0.2AI score0.0355EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/11/17 12:0 a.m.31 views

Fedora 20 : konversation-1.5.1-1.fc20 (2014-13791)

Konversation 1.5.1 is a maintenance release containing only bug fixes. The included changes address several minor behavioral defects and a low-risk DoS security defect in the Blowfish ECB support. See also: https://konversation.kde.org/ Note that Tenable Network Security has extracted the precedi...

5CVSS5.4AI score0.0355EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/11/17 12:0 a.m.35 views

Fedora 19 : konversation-1.5.1-1.fc19 (2014-13702)

Konversation 1.5.1 is a maintenance release containing only bug fixes. The included changes address several minor behavioral defects and a low-risk DoS security defect in the Blowfish ECB support. See also: https://konversation.kde.org/ Note that Tenable Network Security has extracted the precedi...

5CVSS5.4AI score0.0355EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/11/13 12:0 a.m.24 views

openSUSE Security Update : konversation (openSUSE-SU-2014:1406-1)

konversation was updated to version 1.5.1, fixing bugs and one security issue. Changes : - Konversation 1.5.1 is a maintenance release containing only bug fixes. The included changes address several minor behavioral defects and a low-risk DoS security defect in the Blowfish ECB support. The KDE...

5CVSS5.4AI score0.0355EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/11/12 12:0 a.m.20 views

Fedora 21 : konversation-1.5.1-1.fc21 (2014-13837)

Konversation 1.5.1 is a maintenance release containing only bug fixes. The included changes address several minor behavioral defects and a low-risk DoS security defect in the Blowfish ECB support. See also: https://konversation.kde.org/ Note that Tenable Network Security has extracted the precedi...

5CVSS5.4AI score0.0355EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/11/11 12:0 a.m.91 views

Ubuntu 12.04 LTS : konversation vulnerability (USN-2401-1)

Manuel Nickschas discovered that Konversation did not properly perform input sanitization when using Blowfish ECB encryption. A remote attacker could exploit this to cause a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubunt...

5CVSS5.4AI score0.0355EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2014/11/11 12:0 a.m.28 views

Ubuntu: Security Advisory (USN-2401-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.5AI score0.0355EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2014/11/10 8:7 p.m.51 views

USN-2401-1: Konversation vulnerability

Manuel Nickschas discovered that Konversation did not properly perform input sanitization when using Blowfish ECB encryption. A remote attacker could exploit this to cause a denial of service...

5CVSS5.3AI score0.0355EPSS
Exploits0
ArchLinux
ArchLinux
added 2014/11/09 12:0 a.m.32 views

konversation: denial of service

Konversation's Blowfish ECB encryption support assumes incoming blocks to be the expected 12 bytes. The lack of a sanity-check for the actual size can cause a denial of service and an information leak to the local user...

5CVSS3.4AI score0.0355EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/11/06 12:0 a.m.30 views

FreeBSD : Konversation -- out-of-bounds read on a heap-allocated array (0167f5ad-64ea-11e4-98c1-00269ee29e57)

Konversation developers report : Konversation's Blowfish ECB encryption support assumes incoming blocks to be the expected 12 bytes. The lack of a sanity-check for the actual size can cause a denial of service and an information leak to the local user. %NASLMINLEVEL 70300 C Tenable Network...

5CVSS5.3AI score0.0355EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2014/11/04 12:0 a.m.27 views

Konversation -- out-of-bounds read on a heap-allocated array

Konversation developers report: Konversation's Blowfish ECB encryption support assumes incoming blocks to be the expected 12 bytes. The lack of a sanity-check for the actual size can cause a denial of service and an information leak to the local user...

5CVSS6.2AI score0.0355EPSS
Exploits0References1
Mageia
Mageia
added 2014/10/29 11:30 a.m.27 views

Updated quassel packages fix security vulnerability

Due to and out-of-bounds read issue in Quassel core in The ECB Blowfish decryption function, a malicious client can cause either denial of service or disclosure of information from process memory by using an improperly formed message CVE-2014-8483...

5CVSS6.1AI score0.0355EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/01/09 12:0 a.m.24 views

HP Intelligent Management Center < 7.0 E0102 DES / ECB Weak Decryption Key

The version of HP Intelligent Management Center on the remote host is affected by a vulnerability that could allow an attacker to gain access to administrative credentials. This is due to the fact that a static decryption key is used with DES in ECB mode to store the credentials. %NASLMINLEVEL...

7.5CVSS5.7AI score0.02597EPSS
Exploits0References3
Zero Day Initiative
Zero Day Initiative
added 2013/10/16 12:0 a.m.33 views

Hewlett-Packard Intelligent Management Center CommonUtils Static DES/ECB Decryption Key Vulnerability

This vulnerability allows remote attackers to obtain sensitive information on vulnerable installations of Hewlett-Packard Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CommonUtil class. This application uses a stat...

4.9CVSS2.9AI score0.02597EPSS
Exploits0References1
Rows per page
Query Builder