IBM AIX 5l - 'FTPd' Remote DES Hash

/ IBM AIX 5l FTPd Remote DES Hash Exploit -- Advanced 'Datacenter' Edition : Should work on IBM AIX 5.1,5.2,5.3! probably on 4.X too bug found & exploited by Kingcope Version 2.0 - July 2010 ---------------------------------------------------------------------------- Description: - The AIX 5l...

Digital Imagery Gets Encrypted Watermarking

A new approach to adding an encrypted watermark to digital images allows the an image to be validated against a pass key, according to research according to research published in the International Journal of Signal and Imaging Systems Engineering. Read the full article. Science Daily...

Mandriva Update for glibc MDVSA-2010:112 (glibc)

Check for the Version of glibc OpenVAS Vulnerability Test Mandriva Update for glibc MDVSA-2010:112 glibc Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CVE-2010-1904

SQL injection vulnerability in EMC RSA Key Manager RKM C Client 1.5.x allows user-assisted remote attackers to execute arbitrary SQL commands via the metadata section of encrypted key data...

CVE-2010-1904

SQL injection vulnerability in EMC RSA Key Manager RKM C Client 1.5.x allows user-assisted remote attackers to execute arbitrary SQL commands via the metadata section of encrypted key data...

Design/Logic Flaw

com.springsource.tcserver.serviceability.rmi.JmxSocketListener in VMware SpringSource tc Server Runtime 6.0.19 and 6.0.20 before 6.0.20.D, and 6.0.25.A before 6.0.25.A-SR01, does not properly enforce the requirement for an encrypted aka s2enc password, which allows remote attackers to obtain JMX...

CVE-2010-1454

com.springsource.tcserver.serviceability.rmi.JmxSocketListener in VMware SpringSource tc Server Runtime 6.0.19 and 6.0.20 before 6.0.20.D, and 6.0.25.A before 6.0.25.A-SR01, does not properly enforce the requirement for an encrypted aka s2enc password, which allows remote attackers to obtain JMX...

SpringSource tc Server authentication bypass

Access with empty password is possible if encrypted passwords are used for JMX interface...

CVE-2010-1568

The Send Secure functionality in the Cisco IronPort Desktop Flag Plug-in for Outlook before 6.5.0-006 does not properly handle simultaneously composed messages, which might allow remote attackers to obtain cleartext contents of e-mail messages that were intended to be encrypted, aka bug 65623...

Ubuntu Update for irssi vulnerabilities USN-929-1

Ubuntu Update for Linux kernel vulnerabilities USN-929-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9291.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for irssi vulnerabilities USN-929-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

CVE-2010-1240

Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into executing an arbitrary local program that was specified in a PD...

Open redirect

Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into executing an arbitrary local program that was specified in a PD...

CVE-2010-1240

Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into executing an arbitrary local program that was specified in a PD...

CVE-2010-0525

Mail in Apple Mac OS X before 10.6.3 does not properly enforce the key usage extension during processing of a keychain that specifies multiple certificates for an e-mail recipient, which might make it easier for remote attackers to obtain sensitive information via a brute-force attack on a weakly...

Research Finds Crystal Material For Chip Security

Researchers at Florida State University have discovered crystals that could lead to super security chips. The security chips could store encrypted data written two different ways — electrically and magnetically — making extraction of the data more complex and so more difficult for attackers to...

Debian: Security Advisory (DSA-1973-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 1973-1] New glibc packages fix information disclosure

------------------------------------------------------------------------ Debian Security Advisory DSA-1973-1 [email protected] http://www.debian.org/security/ Aurelien Jarno January 19, 2010 http://www.debian.org/security/faq -...

DSA-1973-1 glibc - information disclosure

Bulletin has no description...

Ubuntu Update for PostgreSQL vulnerabilities USN-876-1

Ubuntu Update for Linux kernel vulnerabilities USN-876-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN8761.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for PostgreSQL vulnerabilities USN-876-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

Code injection

nis/nssnis/nis-pwd.c in the GNU C Library aka glibc or libc6 2.7 and Embedded GLIBC EGLIBC 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function...