794 matches found
CVE-2006-5303
Secure Computing SafeWord RemoteAccess 2.1 allows local users to obtain the UserCenter webportal password, database encryption keys, and signing keys by reading 1 base-64 encoded data in SERVERS\Web\Tomcat\usercenter\WEB-INF\login.conf and 2 plaintext data in SERVERS\Shared\signers.cfg. NOTE: the...
CVE-2006-3411
TLS handshakes in Tor before 0.1.1.20 generate public-private keys based on TLS context rather than the connection, which makes it easier for remote attackers to conduct brute force attacks on the encryption keys...
CVE-2006-3411
CVE-2006-3411 relates to Tor prior to version 0.1.1.20, where TLS handshakes generate public–private keys based on TLS context rather than the specific connection. This design flaw can make it easier for remote attackers to perform brute-force attacks on the encryption keys. The vulnerability is ...
CVE-2006-3411
TLS handshakes in Tor before 0.1.1.20 generate public-private keys based on TLS context rather than the connection, which makes it easier for remote attackers to conduct brute force attacks on the encryption keys...
CVE-2006-1833
Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface...
Design/Logic Flaw
Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface...
CVE-2006-1833
The CVE-2006-1833 issue affects the Intel RNG Driver in NetBSD 1.6–3.0, where incorrect detection of the pchb interface causes it to generate a constant random value. This predictable output could enable remote attackers to more easily crack encryption keys derived from the RNG. The available con...
CVE-2006-1117
nCipher firmware before V10, as used by 1 nShield, 2 nForce, 3 netHSM, 4 payShield, 5 SecureDB, 6 DSE200 Document Sealing Engine, 7 Time Source Master Clock TSMC, and possibly other products, contains certain options that were only intended for testing and not production, which might allow remote...
Information disclosure
nCipher firmware before V10, as used by 1 nShield, 2 nForce, 3 netHSM, 4 payShield, 5 SecureDB, 6 DSE200 Document Sealing Engine, 7 Time Source Master Clock TSMC, and possibly other products, contains certain options that were only intended for testing and not production, which might allow remote...
CVE-2006-1117
nCipher firmware before V10, as used by 1 nShield, 2 nForce, 3 netHSM, 4 payShield, 5 SecureDB, 6 DSE200 Document Sealing Engine, 7 Time Source Master Clock TSMC, and possibly other products, contains certain options that were only intended for testing and not production, which might allow remote...
CVE-2006-1117
CVE-2006-1117 concerns nCipher firmware before v10 (used by nShield, nForce, netHSM, payShield, SecureDB, DSE200, TSMC, and possibly others). The issue arises from options meant for testing, not production, which might allow remote attackers to obtain encryption keys and crack them with less effo...
CVE-2005-4696
The Microsoft Wireless Zero Configuration system WZCS stores WEP keys and pair-wise Master Keys PMK of the WPA pre-shared key in plaintext in memory of the explorer process, which allows attackers with access to process memory to steal the keys and access the network...
CVE-2002-1810
D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server without authentication and read the config.img file, which contains sensitive information such as the administrative password, the WEP encryption keys, and network configuration information...
NotifyLink contains multiple SQL injection vulnerabilities
Overview There are multiple vulnerabilities in NotifyLink that allow unauthenticated remote users to view or modify the contents of the NotifyLink SQL database. Possible modifications include the addition of unauthorized user and administrator accounts. Description Notify Technology NotifyLink...