CVE-2005-1733

Cookie Cart stores the password file under the web document root with insufficient access control, which allows remote attackers to obtain usernames and encrypted passwords via a direct request to passwd.txt...

CVE-2005-1733

CVE-2005-1733 affects Cookie Cart: password file passwd.txt is stored under the web document root with insufficient access control, enabling remote retrieval of usernames and encrypted passwords via a direct request. CVSS v2 base score 5.0 (Medium). No exploitation details or fixes are provided i...

CVE-2005-1733

Cookie Cart stores the password file under the web document root with insufficient access control, which allows remote attackers to obtain usernames and encrypted passwords via a direct request to passwd.txt...

[SA15374] Ultimate Forum Exposure of Encrypted User Credentials

---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: Ultimate Forum Exposure of Encrypted User Credentials...

Insecure pty permissions in OS X < 10.4

Hi all. Mac OS X 10.3.x and earlier doesn't provide any mechanism for non-setuid-root programs to change permissions on ptys. Hence xterms, screen sessions, and Terminal.app windows with explicitly specified commands are vulnerable to tty sniffing. Note that using Terminal.app's standard terminal...

CVE-2005-0427

The ebuild of Webmin before 1.170-r3 on Gentoo Linux includes the encrypted root password in the miniserv.users file when building a tbz2 of the webmin package, which allows remote attackers to obtain and possibly crack the encrypted password...

CVE-2005-0383

Trend Micro Control Manager 3.0 Enterprise Edition allows remote attackers to gain privileges via a replay attack of the encrypted username and password...

CVE-2005-0427

The ebuild of Webmin before 1.170-r3 on Gentoo Linux includes the encrypted root password in the miniserv.users file when building a tbz2 of the webmin package, which allows remote attackers to obtain and possibly crack the encrypted password...

MDKSA-2005:057 - Updated gnupg packages fix vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandrakelinux Security Update Advisory Package name: gnupg Advisory ID: MDKSA-2005:057 Date: March 15th, 2005 Affected versions: 10.0, 10.1, 9.2, Corporate 3.0, Corporate Server 2.1 Problem Description: The OpenPGP protocol is vulnerable to a...

Mandrake Linux Security Advisory : gnupg (MDKSA-2005:057)

The OpenPGP protocol is vulnerable to a timing-attack in order to gain plain text from cipher text. The timing difference appears as a side effect of the so-called 'quick scan' and is only exploitable on systems that accept an arbitrary amount of cipher text for automatic decryption. The updated...

CVE-2005-0427

The ebuild of Webmin before 1.170-r3 on Gentoo Linux includes the encrypted root password in the miniserv.users file when building a tbz2 of the webmin package, which allows remote attackers to obtain and possibly crack the encrypted password...

CVE-2005-0427

The CVE-2005-0427 issue affects Webmin on Gentoo (before 1.170-r3). The ebuild builds a tbz2 of Webmin that unintentionally includes the encrypted root password in miniserv.users, allowing a remote attacker to obtain and potentially crack the password. Gentoo GLSA 200502-12 documents this design ...

GLSA-200502-12 : Webmin: Information leak in Gentoo binary package

The remote host is affected by the vulnerability described in GLSA-200502-12 Webmin: Information leak in Gentoo binary package Tavis Ormandy of the Gentoo Linux Security Audit Team discovered that the Webmin ebuild contains a design flaw. It imports the encrypted local root password into the...

CVE-2005-0383

Trend Micro Control Manager 3.0 Enterprise Edition allows remote attackers to gain privileges via a replay attack of the encrypted username and password...

Linux ncpfs Local Exploit

Exploit for linux platform in category local exploits ========================= Linux ncpfs Local Exploit ========================= !/bin/sh Had to remove local -r to get it to work via sh on my box Root's encrypted password was in toupper form but the super stated it worked fine for him Gentoo...

Encrypted Messenger char sequence DoS

Strings !! cause application to crash...

[Full-Disclosure] Encrypted Messenger DoS Vulnerability

Title: Encrypted Messenger Remote DoS Vulnerability Vendor Homepage: http://www.johnytech.com Discovered by: Adam Baldwin [email protected] www.evilpacket.netadvisoriesEP-000-0001.html Discovery Date: 1.6.2005 Criticality: Low Vulnerable Version:Encrypted Messenger 3.0.71 and possibly...

CVE-2004-2348

Sybari AntiGen for Domino 7.0 Build 722 SR2 allows remote attackers to cause a denial of service hang via an encrypted ZIP file with the "include full path info" option set, as used by certain variants of the Beagle/Bagle worm...

CVE-2004-2703

Clearswift MIMEsweeper 5.0.5, when it has been upgraded from MAILsweeper for SMTP version 4.3 or MAILsweeper Business Suite I or II, allows remote attackers to bypass scanning by including encrypted data in a mail message, which causes the message to be marked as "Clean" instead of "Encrypted"...

linux/x86 add user t00r ENCRYPT 116 bytes

No description provided by source. / !!!!!! ANTI IDS SHELLCODE !!!!!! [email protected] 0x14abril0x7d2 !!!!! ENCRIPTADA !!!!! 116 bytes Agrega la linea "t00r::0:0::/:/bin/sh" en /etc/passwd !!!!! ENCRIPTADA !!!!! Para mas informacion Descargue...