9 matches found
EUVD-2014-8083
Malware in sbrugna...
FreeBSD : librsync -- collision vulnerability (b22b016b-b633-11e5-83ef-14dae9d210b8)
Michael Samuel reports : librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin we...
CVE-2014-8242
librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack...
Code injection
librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack...
CVE-2014-8242
CVE-2014-8242 concerns the librsync library. The issue affects versions before 1.0.0, where a truncated MD4 checksum is used to match blocks, enabling remote modification of transmitted data via a birthday attack. The provided materials state the vulnerability and its impact, but do not specify a...
MGASA-2015-0146 Updated librsync packages fix security vulnerabilities
Updated librsync packages fix security vulnerability: librsync before 1.0.0 used a truncated MD4 "strong" check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part of a file could use it to control other region...
Updated librsync packages fix security vulnerabilities
Updated librsync packages fix security vulnerability: librsync before 1.0.0 used a truncated MD4 "strong" check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part of a file could use it to control other region...
Fedora 20 : csync2-1.34-15.fc20 / duplicity-0.6.25-3.fc20 / librsync-1.0.0-1.fc20 / etc (2015-3366)
Changes in librsync 1.0.0 2015-01-23 ====================================== - SECURITY: CVE-2014-8242: librsync previously used a truncated MD4 'strong' check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part...
librsync -- collision vulnerability
Michael Samuel reports: librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack...