79 matches found
CVE-2 0 1 6-1 4 9 4 (python – rsa)vulnerability details-vulnerability warning-the black bar safety net
0×0 1 Overview CVE-2 0 1 6-1 4 9 4 vulnerability is about the Python-rsa signature forgery. In certain cases, can be forged a python rsa library to generate the signature information. But the premise needs an RSA public key exponent value e is small, the following are to e=3 discussion. A digital...
Python-rsa signature forgery-vulnerability warning-the black bar safety net
! By looking at the python-rsa source code, we found that it is the presence of a vulnerability is based on Bleichenbacher'0 6 attack research out for the RSA signature forgery of a simple variant, is due to the public key index is too low. The vulnerability can lead to arbitrary information to...
ColdFusion 9-10 - Credential Disclosure Exploit
ColdFusion...
Forpix - Software for detecting affine image files
forpix is a forensic program for identifying similar images that are no longer identical due to image manipulation. Hereinafter I will describe the technical background for the basic understanding of the need for such a program and how it works. From image files or files in general you can create...
JBoss JMXInvokerServlet JMXInvoker 0.3 remote command execution vulnerability-vulnerability warning-the black bar safety net
/ JBoss JMXInvokerServlet Remote Command Execution JMXInvoker.java v0. 3 - Luca Carettoni @ikki This code exploits a common misconfiguration in the JBoss Application Server 4. x, 5. x, .... Whenever the JMX Invoker is exposed with the default configuration, a malicious "MarshalledInvocation"...
DEBIAN-CVE-2014-0246
SOSreport stores the md5 hash of the GRUB bootloader password in an archive, which allows local users to obtain sensitive information by reading the archive...
CVE-2013-7040
Python 2.7 before 3.4 only uses the last eight bits of the prefix to randomize hash values, which causes it to compute hash values without restricting the ability to trigger hash collisions predictably and makes it easier for context-dependent attackers to cause a denial of service CPU consumptio...
Ubuntu Update for linux USN-2017-1
Check for the Version of linux OpenVAS Vulnerability Test $Id: gbubuntuUSN20171.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for linux USN-2017-1 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; yo...
Ubuntu Update for linux-lts-quantal USN-1947-1
Check for the Version of linux-lts-quantal OpenVAS Vulnerability Test $Id: gbubuntuUSN19471.nasl 8672 2018-02-05 16:39:18Z teissa $ Ubuntu Update for linux-lts-quantal USN-1947-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This...
CVE-2012-5375
The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service prevention of file creation by leveraging the ability to write to a directory important to the victim, and creating a file with a crafted name that is associated with ...
CVE-2012-5375
The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service prevention of file creation by leveraging the ability to write to a directory important to the victim, and creating a file with a crafted name that is associated with ...
UBUNTU-CVE-2012-5375
The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service prevention of file creation by leveraging the ability to write to a directory important to the victim, and creating a file with a crafted name that is associated with ...
Irongeek's Shared hosting MD5 Change Detection Script
Irongeek's Shared hosting MD5 Change Detection Script Adrian Crenshaw aka Irongeek just release another great tool for web admins that will monitor the files on a website, and report any changed via email. Actually "irongeek.com" was hacked few days back which is hosted on a shared hosting. There...
CVE-2011-4838
JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that maintains a hash table...
Sql injection
directory.php in AJchat 0.10 allows remote attackers to bypass input validation and conduct SQL injection attacks via a numeric parameter with a value matching the s parameter's hash value, which prevents the associated $GET"s" variable from being unset. NOTE: it could be argued that this...
Spree Hardcoded config.action_controller_session Hash Value Cryptographic Protection Weakness
Spree contains a hardcoded flaw related to the config.actioncontrollersession hash value. This may allow an attacker to more easily bypass cryptographic protection...
Crack Oracle Password: [Oracle password]-vulnerability warning-the black bar safety net
Note: the station authorization starting, reprint please indicate the source Author:Mickey To connect to a remote Oracle database, need to know the SID, user name, password, and of course the most important IP address. SID If is administrator to modify, you can use sidguess to be cracked, the spe...
security flaw
KAME IKE daemon racoon does not properly handle hash values, which allows remote attackers to delete certificates via 1 a certain delete message that is not properly handled in isakmp.c or isakmpinf.c, or 2 a certain INITIAL-CONTACT message that is not properly handled in isakmpinf.c...
CVE-1999-0366
CVE-1999-0366 concerns Windows NT 4.0 SP4. Affected component: network shares authentication; root cause: null NT hash value enables access with a blank password. Impact stated as PARTIAL confidentiality, integrity, and availability. Exploitation details are not provided in the connected document...