Lucene search
K

181 matches found

securityvulns
securityvulns
added 2012/10/29 12:0 a.m.35 views

Beaker information leakage

Information leakage in AES ECB mode...

4.3CVSS2.1AI score0.02447EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2012/09/15 5:55 p.m.28 views

CVE-2012-3458

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors...

4.3CVSS6.3AI score0.02447EPSS
Exploits0References6
OSV
OSV
added 2012/09/15 5:55 p.m.15 views

CVE-2012-3458

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors...

6.2AI score
Exploits0References6
OSV
OSV
added 2012/09/15 5:55 p.m.1 views

DEBIAN-CVE-2012-3458

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors...

4.3CVSS6.5AI score0.02447EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2012/09/15 5:55 p.m.21 views

CVE-2012-3458

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors...

4.3CVSS5.9AI score0.02447EPSS
Exploits0References2
PyPA
PyPA
added 2012/09/15 5:55 p.m.9 views

PYSEC-2012-1

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors...

4.3CVSS7AI score0.02447EPSS
Exploits0References7Affected Software1
Prion
Prion
added 2012/09/15 5:55 p.m.16 views

Code injection

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors...

4.3CVSS6.9AI score0.02447EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2012/09/15 5:55 p.m.19 views

PYSEC-2012-1

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors...

4.3CVSS5.2AI score0.02447EPSS
Exploits0References7
Cvelist
Cvelist
added 2012/09/15 5:0 p.m.27 views

CVE-2012-3458

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors...

6.2AI score0.02447EPSS
Exploits0References6
CVE
CVE
added 2012/09/15 5:0 p.m.62 views

CVE-2012-3458

CVE-2012-3458 affects Beaker prior to 1.6.4, where sessions encrypted with PyCrypto use AES in ECB mode. The ECB usage can allow remote attackers to obtain portions of sensitive session data via unspecified vectors. All connected sources corroborate that Beaker before 1.6.4 is vulnerable to this ...

4.3CVSS6.3AI score0.02447EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2012/09/15 5:0 p.m.41 views

CVE-2012-3458

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors...

4.3CVSS6.3AI score0.02447EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/09/10 12:0 a.m.23 views

Debian DSA-2541-1 : beaker - information disclosure

It was discovered that Beaker, a cache and session library for Python, when using the python-crypto backend, is vulnerable to information disclosure due to a cryptographic weakness related to the use of the AES cipher in ECB mode. Systems that have the python-pycryptopp package should not be...

4.3CVSS5.4AI score0.02447EPSS
Exploits0References4
OSV
OSV
added 2012/09/07 12:0 a.m.14 views

DSA-2541-1 beaker - information disclosure

Bulletin has no description...

4.3CVSS6.3AI score0.02447EPSS
Exploits0
Metasploit
Metasploit
added 2011/11/04 9:4 p.m.57 views

Windows Gather McAfee ePO 4.6 Config SQL Credentials

This module extracts connection details and decrypts the saved password for the SQL database in use by a McAfee ePO 4.6 server. The passwords are stored in a config file. They are encrypted with AES-128-ECB and a static key. This module requires Metasploit: https://metasploit.com/download Current...

0.1AI score
Exploits0
Metasploit
Metasploit
added 2011/08/10 5:48 p.m.33 views

Windows Gather CoreFTP Saved Password Extraction

This module extracts saved passwords from the CoreFTP FTP client. These passwords are stored in the registry. They are encrypted with AES-128-ECB. This module extracts and decrypts these passwords. This module requires Metasploit: https://metasploit.com/download Current source:...

0.4AI score
Exploits0
NVD
NVD
added 2006/08/17 9:4 p.m.18 views

CVE-2006-4021

The cryptographic module in ScatterChat 1.0.x allows attackers to identify patterns in large numbers of messages by identifying collisions using a birthday attack on the custom padding mechanism for ECB mode encryption...

2.6CVSS6.5AI score0.00631EPSS
Exploits0References5
Cvelist
Cvelist
added 2006/08/17 9:0 p.m.26 views

CVE-2006-4021

The cryptographic module in ScatterChat 1.0.x allows attackers to identify patterns in large numbers of messages by identifying collisions using a birthday attack on the custom padding mechanism for ECB mode encryption...

6.5AI score0.00631EPSS
Exploits0References5
CVE
CVE
added 2006/08/17 9:0 p.m.48 views

CVE-2006-4021

The CVE-2006-4021 issue affects ScatterChat 1.0.x. It concerns the cryptographic module where a custom padding mechanism used with ECB mode encryption allows attackers to identify patterns across large message sets via a birthday-attack on the padding scheme. Practically, this can reveal repeatin...

2.6CVSS6.9AI score0.00631EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2005/06/21 4:0 a.m.43 views

CVE-2002-1697

VTun ECB vulnerability (CVE-2002-1697) : The ECB mode used in VTun 2.0–2.5 produces identical ciphertext for identical plaintext blocks, enabling a remote attacker to potentially gain sensitive information. Affected products: VTun versions 2.0 through 2.5. Root cause: use of ECB encryption mode. ...

7.5CVSS7.8AI score0.00835EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2005/06/21 4:0 a.m.22 views

CVE-2002-1697

Electronic Code Book ECB mode in VTun 2.0 through 2.5 uses a weak encryption algorithm that produces the same ciphertext from the same plaintext blocks, which could allow remote attackers to gain sensitive information...

7.7AI score0.00835EPSS
Exploits0References3
Rows per page
Query Builder