1592 matches found
Design/Logic Flaw
The SILCSERVERCMDFUNC function in apps/silcd/command.c in silc-server 1.0.2 allows remote attackers to cause a denial of service NULL dereference and daemon crash via a request without a cipher algorithm and an invalid HMAC algorithm...
CVE-2007-1327
The SILCSERVERCMDFUNC function in apps/silcd/command.c in silc-server 1.0.2 allows remote attackers to cause a denial of service NULL dereference and daemon crash via a request without a cipher algorithm and an invalid HMAC algorithm...
CVE-2006-6858
Miredo versions 0.9.8 through 1.0.5 fail to properly authenticate a Teredo bubble during UDP hole punching when using HMAC-MD5-64, enabling remote attackers to impersonate an arbitrary Teredo client. The vulnerability is described in CVE-2006-6858 and is evidenced in multiple data sources (NVD, C...
CVE-2006-6858
Miredo 0.9.8 through 1.0.5 does not properly authenticate a Teredo bubble during UDP hole punching with HMAC-MD5-64 hashing, which allows remote attackers to impersonate an arbitrary Teredo client...
Miredo authentication bypass
HMAC-MD5-64 authentication can be bypassed...
CVE-2006-6858
Miredo 0.9.8 through 1.0.5 does not properly authenticate a Teredo bubble during UDP hole punching with HMAC-MD5-64 hashing, which allows remote attackers to impersonate an arbitrary Teredo client...
CVE-2006-6858
Miredo 0.9.8 through 1.0.5 does not properly authenticate a Teredo bubble during UDP hole punching with HMAC-MD5-64 hashing, which allows remote attackers to impersonate an arbitrary Teredo client...
CVE-2001-0497
dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures TSIG, which allows attackers to obtain the keys and perform dynamic DNS updates...
PT-2001-1707 · Isc · Bind
Name of the Vulnerable Software and Affected Versions: BIND versions 8.2.4 and earlier BIND versions 9.1.2 and earlier Description: The issue allows attackers to obtain HMAC-MD5 shared secret keys used for DNS Transactional Signatures TSIG due to insecure permissions set by dnskeygen in BIND 8 an...
ISS Advisory: BIND Inadvertent Local Exposure of HMAC-MD5 (TSIG) Keys
TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to [email protected] Contact [email protected] for help with any problems! --------------------------------------------------------------------------- -----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security...
CVE-2026-48747: Mailomat Mailer Webhook Parser Reads the HMAC Algorithm from the Request: Signature Algorithm Downgrade
More info at https://symfony.com/cve-2026-48747...
CVE-2026-45755: Mailtrap Mailer Webhook Parser Never Verifies the X-Mt-Signature HMAC: Unauthenticated Webhook Event Injection
More info at https://symfony.com/cve-2026-45755...