5397 matches found
CVE-2010-3074
SSLCipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a watermark attack...
[SECURITY] Fedora 14 Update: fuse-encfs-1.7.2-1.fc14
EncFS implements an encrypted filesystem in userspace using FUSE. FUSE provides a Linux kernel module which allows virtual filesystems to be writt en in userspace. EncFS encrypts all data and filenames in the filesystem and passes access through to the underlying filesystem. Similar to CFS except...
[SECURITY] Fedora 12 Update: fuse-encfs-1.7.2-1.fc12
EncFS implements an encrypted filesystem in userspace using FUSE. FUSE provides a Linux kernel module which allows virtual filesystems to be writt en in userspace. EncFS encrypts all data and filenames in the filesystem and passes access through to the underlying filesystem. Similar to CFS except...
[SECURITY] Fedora 13 Update: fuse-encfs-1.7.2-1.fc13
EncFS implements an encrypted filesystem in userspace using FUSE. FUSE provides a Linux kernel module which allows virtual filesystems to be writt en in userspace. EncFS encrypts all data and filenames in the filesystem and passes access through to the underlying filesystem. Similar to CFS except...
Design/Logic Flaw
BbtsConnectionEdit.exe in Blackboard Transact Suite formerly Blackboard Commerce Suite before 3.6.0.2 relies on field names when determining whether it is appropriate to decrypt a connection.xml field value, which allows local users to discover the database password via a modified connection.xml...
Fedora Update for pam_mount FEDORA-2010-13127
Check for the Version of pammount OpenVAS Vulnerability Test Fedora Update for pammount FEDORA-2010-13127 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
[SECURITY] Fedora 13 Update: pam_mount-2.5-1.fc13
This module is aimed at environments with central file servers that a user wishes to mount on login and unmount on logout, such as semi-diskless stations where many users can logon. The module also supports mounting local filesystems of any kind the normal mount utility supports, with extra code ...
[SECURITY] Fedora 12 Update: pam_mount-2.5-1.fc12
This module is aimed at environments with central file servers that a user wishes to mount on login and unmount on logout, such as semi-diskless stations where many users can logon. The module also supports mounting local filesystems of any kind the normal mount utility supports, with extra code ...
EncFS 1.6.0 - Flawed CBCCFB Cryptography Implementation
EncFS 1.6.0 - Flawed CBCCFB Cryptography Implementation source: https://www.securityfocus.com/bid/42779/info EncFS is prone to design errors in its cryptographic implementation. Three flaws have been identified that contribute to a weakening of the protections provided under CBC/CFB cipher mode...
Ubuntu Update for w3m vulnerability USN-967-1
Ubuntu Update for Linux kernel vulnerabilities USN-967-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9671.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for w3m vulnerability USN-967-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.n...
Mandriva Linux Security Advisory : glibc (MDVSA-2010:112)
Multiple vulnerabilities was discovered and fixed in glibc : Multiple integer overflows in the strfmon implementation in the GNU C Library aka glibc or libc6 2.10.1 and earlier allow context-dependent attackers to cause a denial of service memory consumption or application crash via a crafted...
Данные из взломанного процессинга Хронопэй
Ровно неделя прошла с момента опубликования заявления группы хакеров о взломе платежной системы «Chronopay», краже массива кредитных карт http://chronoplay.livejournal.com/586.html и личных данных миллионов россиян. Поскольку официальные лица компании продолжают делать вид, что ничего не произошл...
MIT Kerberos V5 KAdminD klog_vsyslog Server Stack Buffer Overflow (CVE-2007-0957)
Kerberos is a protocol suite which allows for the negotiation of authenticated, and optionally encrypted, communication between two points on a network. MIT Kerberos V5 is an implementation of this protocol suite. There exists a buffer overflow vulnerability in MIT Kerberos. The vulnerability is...
IBM AIX 5l - 'FTPd' Remote DES Hash
/ IBM AIX 5l FTPd Remote DES Hash Exploit -- Advanced 'Datacenter' Edition : Should work on IBM AIX 5.1,5.2,5.3! probably on 4.X too bug found & exploited by Kingcope Version 2.0 - July 2010 ---------------------------------------------------------------------------- Description: - The AIX 5l...
IBM AIX 5l FTPd Remote DES Hash Exploit
Exploit for aix platform in category remote exploits ======================================= IBM AIX 5l FTPd Remote DES Hash Exploit ======================================= / IBM AIX 5l FTPd Remote DES Hash Exploit -- Advanced 'Datacenter' Edition : Should work on IBM AIX 5.1,5.2,5.3! probably on...
Digital Imagery Gets Encrypted Watermarking
A new approach to adding an encrypted watermark to digital images allows the an image to be validated against a pass key, according to research according to research published in the International Journal of Signal and Imaging Systems Engineering. Read the full article. Science Daily...
Mandriva Update for glibc MDVSA-2010:112 (glibc)
Check for the Version of glibc OpenVAS Vulnerability Test Mandriva Update for glibc MDVSA-2010:112 glibc Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
CVE-2010-1904
SQL injection vulnerability in EMC RSA Key Manager RKM C Client 1.5.x allows user-assisted remote attackers to execute arbitrary SQL commands via the metadata section of encrypted key data...
CVE-2010-1904
SQL injection vulnerability in EMC RSA Key Manager RKM C Client 1.5.x allows user-assisted remote attackers to execute arbitrary SQL commands via the metadata section of encrypted key data...
Design/Logic Flaw
com.springsource.tcserver.serviceability.rmi.JmxSocketListener in VMware SpringSource tc Server Runtime 6.0.19 and 6.0.20 before 6.0.20.D, and 6.0.25.A before 6.0.25.A-SR01, does not properly enforce the requirement for an encrypted aka s2enc password, which allows remote attackers to obtain JMX...