270 matches found
CVE-2013-0941
EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, RSA PAM Agent before 7.0, and RSA Agent before 6.1.4 for Microsoft Windows use an improper encryption algorithm and a weak key for maintaining the stored data of the no...
CVE-2013-0941
CVE-2013-0941 affects RSA/SecurID components. The node secret in affected products is stored using a dated encryption algorithm with a weak key, exposing confidentiality and integrity risk for local communications between RSA/Access Manager components. Affected: RSA Authentication API up to 8.1 S...
Google Apps Directory Sync < 3.1.6 Weak Stored Credential Local Disclosure
The version of Google Apps Directory Sync installed on the remote host is earlier than 3.1.6 and is, therefore, affected by a weak stored credential local disclosure vulnerability. An issue exists in the way the 'PBEwithMD5andDES' Java encryption algorithm is implemented, allowing a local attacker to...
Vanilla Forums 2-0-18-4 - SQL-Injection Vulnerability
SQL injection is possible because $POST arrays are not properly sanitized. You do not need to be authenticated. To insert an arbitrary user, a sample HTTP POST request looks as follows: POST /PATH/vanilla/entry/signin HTTP/1.1 Host: HOST User-Agent: Mozilla/5.0 Windows NT 6.1; WOW64; rv:19.0...
Google AD Sync Tool - Exposure of Sensitive Information Vulnerability - Security Advisory - SOS-13-001
Sense of Security - Security Advisory - SOS-13-001. Release Date: 03-Apr-2013. Last Update: -. Vendor Notification Date: 03-Sep-2012. Product: Google Active Directory Sync (GADS) Tool. Platform: Windows, Linux, Solaris. Affected versions: All versions up to 3.1.3. Severity Rating: High. Impact: Exposure of...
Anwsion latest version arbitrary upload vulnerability warning - the black bar safety net
The attachment upload does not properly handle the file suffix: the check looks at the file header and does not check the suffix. Vulnerability to prove: http://wenda.anwsion.com/uploads/questions/20121126/e826a3e05a4beb6c24373ba014fe39f8.phppass Merge pictures word Trojan...
Weak password encryption on Huawei products
Weak password encryption on Huawei products. ADVISORY INFORMATION. Title: Weak password encryption on Huawei products. Release date: 13/11/2012. Credits: Roberto Paleari, Emaze Networks; Ivan Speziale, Emaze Networks...
CVE-2012-3018
The lockout-recovery feature in the Security Configurator component in ICONICS GENESIS32 9.22 and earlier and BizViz 9.22 and earlier uses an improper encryption algorithm for generation of an authentication code, which allows local users to bypass intended access restrictions and obtain...
Design/Logic Flaw
The lockout-recovery feature in the Security Configurator component in ICONICS GENESIS32 9.22 and earlier and BizViz 9.22 and earlier uses an improper encryption algorithm for generation of an authentication code, which allows local users to bypass intended access restrictions and obtain...
Last.fm, Mum On Breach, Adopts 'More Rigorous' Password Security
Last.fm, the online music streaming service, said it has implemented ‘more rigorous’ security for customer account passwords in the wake of reports that some of those passwords had been leaked online. In a post on the company’s Website, Last.fm said that its investigation of reports that hashed o...
Cryptographers: Satellite phones vulnerable to eavesdropping
Cryptographers: Satellite phones vulnerable to eavesdropping. Researchers at a German university claim to have cracked the algorithm that secures satellite phone transmissions. They have broken the encryption of the two main standards used to protect calls from satellite phones, giving them the...
Source Code of Crypo.com Available to Download!
Source Code of Crypo.com Available to Download! The source code of Crypo.com, one of the famous free online encryption services, is now available to download from a file sharing website. This script will encrypt your messages using a strong encryption algorithm, and then your information will be...
Multiples Vulnerabilities in ManageEngine ServiceDesk Plus
Core Security - Corelabs Advisory 1. Advisory Information Title: Multiples Vulnerabilities in ManageEngine ServiceDesk Plus Advisory ID: CORE-2011-0506 Advisory URL: http://www.coresecurity.com/content/multiples-vulnerabilities-manageengine-sdp Date published: 2011-09-14 Date of last update:...
IBM WebSphere Application Server 6.1 < 6.1.0.39 Multiple Vulnerabilities
IBM WebSphere Application Server 6.1 before Fix Pack 39 appears to be running on the remote host. As such, it is potentially affected by the following vulnerabilities : - Use of an insecure XML encryption algorithm could allow for decryption of JAX-RPC or JAX-WS Web Services requests. PM34841 - A...
IBM WebSphere Application Server WS-Security XML Encryption Weakness Vulnerability (May 2011)
IBM WebSphere Application Server is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
IBM WebSphere Application Server WS-Security XML Encryption Weakness Vulnerability
The host is running IBM WebSphere Application Server and is prone to an information disclosure vulnerability. OpenVAS Vulnerability Test $Id: gbibmwasxmlencryptioninfodisclosurevuln.nasl 7006 2017-08-25 11:51:20Z teissa $ IBM WebSphere Application Server WS-Security XML Encryption Weakness...
27C3: GSM cell phones even easier to tap!
At the 27th Chaos Communication Congress (27C3) hacker conference, security researchers demonstrated how open source software on a number of revamped, entry-level cell phones can decrypt and record mobile phone calls in the GSM network. Using a normal laptop and a homemade monitoring device, team...