8669 matches found
CVE-2006-0898
Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector (IV) of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...
Code injection
Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector (IV) of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...
eyeOS089.txt
GulfTech Security Research February 7, 2006 Vendor : eyeOS Project URL : http://www.eyeos.org/ Version : eyeOS = 0.8.9 Risk : Remote Code Execution Description: eyeOS is a "web based operating system" written in php, that lets you access your data and your applications from anywhere with an...
CVE-2006-0379
FreeBSD kernel 5.4-STABLE and 6.0 does not completely initialize a buffer before making it available to userland, which could allow local users to read portions of kernel memory...
CVE-2006-0379
The CVE-2006-0379 issue affects FreeBSD 5.4-STABLE and 6.0, where a kernel-stack buffer is not fully initialized before being copied to userland, allowing local disclosure of kernel memory. The impact includes exposure of memory contents such as file-cache or terminal buffers, potentially aiding ...
Apple SA 2003-12-19
The remote host is missing Security Update 2003-12-19. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
Movable Type Initialization Script Disclosure Vulnerability - Active Check
mt-load.cgi is installed by the Movable Type Publishing Platform. SPDX-FileCopyrightText: 2004 Rich Walchuck Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2005-3418
Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.17 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) error_msg parameter to usercp_register.php, (2) forward_page parameter to login.php, and (3) list_cat parameter to search.php, which are not initialized as...
GLSA-200505-15 : gdb: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200505-15 gdb: Multiple vulnerabilities Tavis Ormandy of the Gentoo Linux Security Audit Team discovered an integer overflow in the BFD library, resulting in a heap overflow. A review also showed that by default, gdb insecurely...
CVE-2005-0400
The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block...
CVE-2005-1036
The CVE-2005-1036 issue affects FreeBSD/amd64 5.x up to 5.4 where the IO permission bitmap was not properly initialized, allowing unprivileged local users to bypass access restrictions and potentially cause denial of service, disclosure of sensitive information, or privilege escalation. Relevant ...
PT-2005-2058 · Freebsd · Freebsd
Name of the Vulnerable Software and Affected Versions: FreeBSD versions 5.x through 5.4 on AMD64 Description: The issue allows local users to bypass intended access restrictions, potentially causing a denial of service, obtaining sensitive information, and possibly gaining privileges due to the...
CVE-2005-0400
The CVE-2005-0400 issue affects the Linux kernel ext2 file system: ext2_make_empty does not initialize memory when allocating a new directory entry block, enabling local users to read potentially sensitive data from the block. The documented fix is in kernel update 2.6.11.6 (and related Red Hat/U...
Moderate: Red Hat Security Advisory: squirrelmail security update
An updated Squirrelmail package that fixes several security issues is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SquirrelMail is a standards-based webmail package written in PHP4. Jimmy Conner...