CVE-2018-20764

A buffer overflow exists in HelpSystems tcpcrypt on Linux, used for BoKS encrypted telnet through BoKS version 6.7.1. Since tcpcrypt is setuid, exploitation leads to privilege escalation...

CVE-2018-20764

The CVE-2018-20764 entry concerns a buffer overflow in HelpSystems tcpcrypt for Linux, used with BoKS encrypted telnet (BoKS 6.7.1). The underlying issue is a buffer overflow in tcpcrypt, which is setuid, enabling privilege escalation if exploited. The available documents identify the affected co...

SpotAuditor 3.6.7 - Base64 Encrypted Password Denial of Service (PoC)

SpotAuditor 3.6.7 - Base64 Encrypted Password Denial of Service PoC Exploit Title: SpotAuditor v3.6.7 - Denial of Service PoC Discovery by: Rafael Pedrero Discovery Date: 2019-01-30 Vendor Homepage: http://www.nsauditor.com/order.html Software Link : http://www.nsauditor.com/order.html Tested...

openSUSE: Security Advisory for systemd (openSUSE-SU-2019:0098-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE: Security Advisory for systemd (openSUSE-SU-2019:0097-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : systemd (openSUSE-2019-98)

This update for systemd provides the following fixes : Security issues fixed : - CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled allocas bsc1120323 - CVE-2018-16866: Fixed an information leak in journald bsc1120323 - CVE-2018-6954: Fix mishandling of...

openSUSE Security Update : systemd (openSUSE-2019-97)

This update for systemd provides the following fixes : Security issues fixed : - CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled allocas bsc1120323 - CVE-2018-16866: Fixed an information leak in journald bsc1120323 - Fixed an issue during system startup in...

Security update for systemd (important)

openSUSE Security Update: Security update for systemd Announcement ID: openSUSE-SU-2019:0098-1 Rating: important References: 1005023 1045723 1076696 1080919 1093753 1101591 1111498 1114933 1117063 1119971 1120323 Cross-References: CVE-2018-16864 CVE-2018-16865 CVE-2018-16866 CVE-2018-6954 Affecte...

Security update for systemd (moderate)

openSUSE Security Update: Security update for systemd Announcement ID: openSUSE-SU-2019:0097-1 Rating: moderate References: 1005023 1076696 1101591 1114981 1115518 1119971 1120323 Cross-References: CVE-2018-16864 CVE-2018-16865 CVE-2018-16866 Affected Products: openSUSE Leap 42.3 An update that...

Exploit for Improper Input Validation in Cisco Rv320_Firmware

CiscoRV320Dump CVE-2019-1653/CVE-2019-1652 Exploits For Dumpin...

CVE-2018-6445

A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted not hashed password of the systems. The attacker could gain access to the Brocade Network Advisor System after...

CVE-2018-6445

A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted not hashed password of the systems. The attacker could gain access to the Brocade Network Advisor System after...

CVE-2018-6445

A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted not hashed password of the systems. The attacker could gain access to the Brocade Network Advisor System after...

[SECURITY] Fedora 28 Update: openssh-7.8p1-4.fc28

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

SUSE SLED15 / SLES15 Security Update : systemd (SUSE-SU-2019:0137-1)

This update for systemd provides the following fixes : Security issues fixed : CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled allocas bsc1120323 CVE-2018-16866: Fixed an information leak in journald bsc1120323 CVE-2018-6954: Fix mishandling of symlinks...

CVE-2019-3908

Premisys Identicard version 3.1.190 stores backup files as encrypted zip files. The password to the zip is hard-coded and unchangeable. An attacker with access to these backups can decrypt them and obtain sensitive data...

Hardcoded credentials

Premisys Identicard version 3.1.190 stores backup files as encrypted zip files. The password to the zip is hard-coded and unchangeable. An attacker with access to these backups can decrypt them and obtain sensitive data...

CVE-2019-3908

CVE-2019-3908 affects Premisys Identicard v3.1.190 where backups are stored as encrypted zip files with a hard-coded, non-changeable password, enabling decrypting backups if accessible. The ICSA/ICS-CERT advisory confirms the vulnerability class and that versions prior to 4.2 are affected; mitiga...

CVE-2019-3908

Premisys Identicard version 3.1.190 stores backup files as encrypted zip files. The password to the zip is hard-coded and unchangeable. An attacker with access to these backups can decrypt them and obtain sensitive data...

PT-2019-16763 · Premisys · Premisys Identicard

Name of the Vulnerable Software and Affected Versions: Premisys Identicard version 3.1.190 Description: The issue concerns the storage of backup files as encrypted zip files with a hard-coded and unchangeable password. This allows an attacker with access to these backups to decrypt them and obtai...