19 matches found
EUVD-1999-0143
Malware in sbrugna...
Security Bulletin: Vulnerability in OpenSSL affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products
Summary A vulnerability in OpenSSL may cause a denial of service when IBM Spectrum Virtualize is acting as a TLS client when connecting to LDAP servers or key servers. Vulnerability Details CVEID:CVE-2022-0778 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a flaw in the...
SUSE CVE-2008-1530
GnuPG gpg 1.4.8 and 2.0.8 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted duplicate keys that are imported from key servers, which triggers "memory corruption around deduplication of user IDs."...
Security Bulletin: Vulnerability in OpenSSL affects IBM FlashSystem models FS900 and V9000
Summary A vulnerability in OpenSSL may cause a denial of service when IBM FlashSystem models FS900 and V9000 are acting as a TLS client when connecting to LDAP servers or key servers. Vulnerability Details CVEID:CVE-2022-0778 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a...
Breaking RSA through Insufficiently Random Primes
Basically, the SafeZone library doesnt sufficiently randomize the two prime numbers it used to generate RSA keys. Theyre too close to each other, which makes them vulnerable to recovery. There arent many weak keys out there, but there are some: So far, Böck has identified only a handful of keys i...
Open-Xchange: XSS - Guard - Insufficient escaping of User-IDs from PGP Keys
Vulnerability PGP user IDs are typically in form of name and OX Guard properly escapes angle brackets when inserting them to HTML. But in the code for displaying a list of keys it inserts IDs into HTML attributes without escaping double quote characters. javascript //...
Recommended update for dkgpg, libTMCG (moderate)
openSUSE Security Update: Recommended update for dkgpg, libTMCG Announcement ID: openSUSE-SU-2019:1951-1 Rating: moderate References: Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 An update that contains security fixes can now be installed. Description: This update for dkgpg, libTMCG...
Easy Intelligence Gathering: theHarvester
The objective of this program is to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database. This tool is intended to help Penetration testers in the early stages of the penetration te...
[theHarvester v2.2a] Tool for Gathering
theHarvester is a tool for gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database. This tool is intended to help Penetration testers in the early stages of the penetration test in ord...
Mandrake Linux Security Advisory : gnupg (MDKSA-2000:087)
When importing keys from public key servers, GnuPG will import private keys also known as secret keys in addition to public keys. If this happens, the user's web of trust becomes corrupt. Additionally, when used to check detached signatures, if the data file being checked contains clearsigned dat...
Find e-mail addresses
Added: 09/24/2008 Background E-mail addresses in a given domain can often be found using publicly available information such as Internet search engines, network registrars, and public key servers. This tool attempts to provide a list of e-mail addresses using these resources. Limitations Many...
Find e-mail addresses
Added: 09/24/2008 Background E-mail addresses in a given domain can often be found using publicly available information such as Internet search engines, network registrars, and public key servers. This tool attempts to provide a list of e-mail addresses using these resources. Limitations Many...
Find e-mail addresses
Added: 09/24/2008 Background E-mail addresses in a given domain can often be found using publicly available information such as Internet search engines, network registrars, and public key servers. This tool attempts to provide a list of e-mail addresses using these resources. Limitations Many...
Find e-mail addresses
Added: 09/24/2008 Background E-mail addresses in a given domain can often be found using publicly available information such as Internet search engines, network registrars, and public key servers. This tool attempts to provide a list of e-mail addresses using these resources. Limitations Many...
DEBIAN-CVE-2008-1530
GnuPG gpg 1.4.8 and 2.0.8 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted duplicate keys that are imported from key servers, which triggers "memory corruption around deduplication of user IDs."...
CVE-2008-1530
GnuPG gpg 1.4.8 and 2.0.8 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted duplicate keys that are imported from key servers, which triggers "memory corruption around deduplication of user IDs."...
CVE-2008-1530
GnuPG gpg 1.4.8 and 2.0.8 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted duplicate keys that are imported from key servers, which triggers "memory corruption around deduplication of user IDs."...
CVE-2008-1530
CVE-2008-1530 affects GnuPG (gpg) 1.4.8 and 2.0.8. The issue arises when importing crafted duplicate keys (from key servers), triggering memory corruption around deduplication of user IDs. This condition is described as potentially enabling a denial of service (crash) and possibly arbitrary code ...
CVE-2001-0072
gpg aka GnuPG 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust...