DEBIAN-CVE-2010-0015

nis/nssnis/nis-pwd.c in the GNU C Library aka glibc or libc6 2.7 and Embedded GLIBC EGLIBC 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function...

CVE-2010-0015

nis/nssnis/nis-pwd.c in the GNU C Library aka glibc or libc6 2.7 and Embedded GLIBC EGLIBC 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function...

CVE-2010-0015

nis/nssnis/nis-pwd.c in the GNU C Library aka glibc or libc6 2.7 and Embedded GLIBC EGLIBC 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function...

CVE-2010-0015

nis/nssnis/nis-pwd.c in the GNU C Library aka glibc or libc6 2.7 and Embedded GLIBC EGLIBC 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function...

Get EFS Encrypted Files, Dirs and EFS-Encryption AlgorithmID - Windows

Get EFS Encrypted Files, Dirs and EFS-Encryption AlgorithmID. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Inside The Google Chrome OS Security Model

Google plans to use a combination of system hardening, process isolation, verified boot, secure auto-update and encryption to thwart malicious hackers from planting malware on its new Google Chrome OS. Much like the Google Chrome browser, the operating system will use process sandboxing as the ke...

Non-compliant Strict Transport Security (STS)

The remote web server implements Strict Transport Security. However, it does not respect all the requirements of the STS draft standard. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid42823; scriptversion"$Revision: 1.7 $"; scriptcvsdate"$Date: 2014/09/19 20:19:00 $"...

[USN-858-1] OpenLDAP vulnerability

=========================================================== Ubuntu Security Notice USN-858-1 November 12, 2009 openldap2.2 vulnerability CVE-2009-3767 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS This advisory...

USN-858-1: OpenLDAP vulnerability

It was discovered that OpenLDAP did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...

LDAP Service STARTTLS Command Support

The remote LDAP service supports the use of the 'STARTTLS' command to switch from a cleartext to an encrypted communications channel. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid42329; scriptversion"1.6"; scriptsetattributeattribute:"pluginmodificationdate",...

FTP Service AUTH TLS Command Support

The remote FTP service supports the use of the 'AUTH TLS' command to switch from a cleartext to an encrypted communications channel. TRUSTED...

USN-842-1: Wget vulnerability

It was discovered that Wget did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...

The new cloud 4. 0 latest 0day-vulnerability warning-the black bar safety net

To access the ask directory,registered users, In the password question of the place to insert the encrypted word:┼pay offs number 畣 whole 爠 Hwan enemy 瑳∨≡┩anger Registration after a successful connection to the default database:ask/data/asknewasp. asa password:a...

USN-835-1: neon vulnerabilities

Joe Orton discovered that neon did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...

Ubuntu 8.04 LTS / 8.10 / 9.04 : kde4libs, kdelibs vulnerability (USN-833-1)

It was discovered that KDE did not properly handle certificates with NULL characters in the Subject Alternative Name field of X.509 certificates. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Note that Tenable...

USN-833-1: KDE-Libs vulnerability

It was discovered that KDE did not properly handle certificates with NULL characters in the Subject Alternative Name field of X.509 certificates. An attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...

Ubuntu 8.04 LTS / 8.10 / 9.04 : qt4-x11 vulnerability (USN-829-1)

It was discovered that Qt did not properly handle certificates with NULL characters in the Subject Alternative Name field of X.509 certificates. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. CVE-2009-2700. Not...

Ubuntu: Security Advisory (USN-809-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : libfreebl3 (libfreebl3-1201)

The Mozilla NSS security framework was updated to version 3.12.3.1. CVE-2009-2404 / MFSA 2009-43 : Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services NSS before 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant...

USN-818-1: curl vulnerability

Scott Cantor discovered that Curl did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...