Lucene search
+L

67 matches found

Kitploit
Kitploit
added 2016/12/05 2:12 p.m.32 views

Hashcat v3.20 - World's Fastest and Most Advanced Password Recovery Utility

hashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 160 highly-optimized hashing algorithms. hashcat currently supports CPU's, GPU's other hardware-accelerators on Linux, Windows and OSX, and has facilities to help enable...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/01/11 12:0 a.m.25 views

FreeBSD : librsync -- collision vulnerability (b22b016b-b633-11e5-83ef-14dae9d210b8)

Michael Samuel reports : librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin we...

5.8CVSS5.4AI score0.02939EPSS
Exploits0References3
Prion
Prion
added 2015/10/26 5:59 p.m.24 views

Code injection

librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack...

5.8CVSS6.8AI score0.02939EPSS
Exploits0References12Affected Software1
UbuntuCve
UbuntuCve
added 2015/10/26 5:59 p.m.28 views

CVE-2014-8242

librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack...

5.8CVSS5.9AI score0.02939EPSS
Exploits0References2
CVE
CVE
added 2015/10/26 5:0 p.m.68 views

CVE-2014-8242

CVE-2014-8242 concerns the librsync library. The issue affects versions before 1.0.0, where a truncated MD4 checksum is used to match blocks, enabling remote modification of transmitted data via a birthday attack. The provided materials state the vulnerability and its impact, but do not specify a...

5.8CVSS6.2AI score0.02939EPSS
Exploits0References12Affected Software1
Debian CVE
Debian CVE
added 2015/10/26 5:0 p.m.119 views

CVE-2014-8242

librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack...

5.8CVSS6.3AI score0.02939EPSS
Exploits0
securityvulns
securityvulns
added 2015/05/05 12:0 a.m.68 views

[ MDVSA-2015:204 ] librsync

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:204 http://www.mandriva.com/en/support/security/ Package : librsync Date : April 27, 2015 Affected: Business Server 1.0 Problem Description: Updated librsync packages fix security vulnerability: librsync...

5.8CVSS6AI score0.02939EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/04/28 12:0 a.m.23 views

Mandriva Linux Security Advisory : librsync (MDVSA-2015:204)

Updated librsync packages fix security vulnerability : librsync before 1.0.0 used a truncated MD4 strong check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part of a file could use it to control other regions...

5.8CVSS5.4AI score0.02939EPSS
Exploits0References2
OSV
OSV
added 2015/04/15 9:1 a.m.7 views

MGASA-2015-0146 Updated librsync packages fix security vulnerabilities

Updated librsync packages fix security vulnerability: librsync before 1.0.0 used a truncated MD4 "strong" check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part of a file could use it to control other region...

5.8CVSS6.3AI score0.02939EPSS
Exploits0References3
Mageia
Mageia
added 2015/04/15 9:1 a.m.31 views

Updated librsync packages fix security vulnerabilities

Updated librsync packages fix security vulnerability: librsync before 1.0.0 used a truncated MD4 "strong" check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part of a file could use it to control other region...

5.8CVSS6.4AI score0.02939EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/03/20 12:0 a.m.26 views

Fedora 20 : csync2-1.34-15.fc20 / duplicity-0.6.25-3.fc20 / librsync-1.0.0-1.fc20 / etc (2015-3366)

Changes in librsync 1.0.0 2015-01-23 ====================================== - SECURITY: CVE-2014-8242: librsync previously used a truncated MD4 'strong' check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part...

5.8CVSS5.6AI score0.02939EPSS
Exploits0References9
ArchLinux
ArchLinux
added 2015/03/16 12:0 a.m.48 views

librsync: checksum collision

librsync previously used a truncated MD4 "strong" check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part of a file could use it to control other regions of the file, if it's transferred using librsync/rdiff...

5.8CVSS1AI score0.02939EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2014/07/28 12:0 a.m.31 views

librsync -- collision vulnerability

Michael Samuel reports: librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack...

5.8CVSS6.4AI score0.02939EPSS
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Linux kernel 2.2 Predictable TCP Initial Sequence Number Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/670/info A vulnerability in the Linux kernel allows remote users to guess the initial sequence number of TCP sessions. This can be used to create spoofed TCP sessions bypassing some types of IP based access controls. The...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.26 views

openSUSE Security Update : mozilla-nss (openSUSE-SU-2013:1539-1)

Mozilla NSS was updated to 3.15.2 bnc842979 - Support for AES-GCM ciphersuites that use the SHA-256 PRF - MD2, MD4, and MD5 signatures are no longer accepted for OCSP or CRLs - Add PK11CipherFinal macro - sizeof used incorrectly - nssutilReadSecmodDB leaks memory - Allow...

5CVSS7.1AI score0.03406EPSS
Exploits0References3
Kitploit
Kitploit
added 2014/05/27 3:0 a.m.405 views

oclHashcat v1.2 - GPGPU-based Multi-hash Cracker

oclHashcat is a GPGPU-based multi-hash cracker using a brute-force attack implemented as mask attack, combinator attack, dictionary attack, hybrid attack, mask attack, and rule-based attack. This GPU cracker is a fusioned version of oclHashcat-plus and oclHashcat-lite. GPU Driver requirements: NV...

7.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/11/17 12:0 a.m.39 views

SuSE 11.2 / 11.3 Security Update : Mozilla NSS (SAT Patch Numbers 8484 / 8485)

"Mozilla NSS has been updated to 3.15.2 bnc847708 bringing various features and bugfixes : The main feature is TLS 1.2 support and its dependent algorithms. - Support for AES-GCM ciphersuites that use the SHA-256 PRF - MD2, MD4, and MD5 signatures are no longer accepted for OCSP or CRLs - Add...

5CVSS6.9AI score0.03406EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.43 views

Amazon Linux AMI : kernel (ALAS-2011-16)

The skbgroheaderslow function in include/linux/netdevice.h in the Linux kernel before 2.6.39.4, when Generic Receive Offload GRO is enabled, resets certain fields in incorrect situations, which allows remote attackers to cause a denial of service system crash via crafted network traffic. Race...

9.1CVSS7.1AI score0.05798EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.50 views

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2011-2033)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-2033 advisory. - ipv6: make fragment identifications less predictable Joe Jin CVE-2011-2699 - vlan: fix panic when handling priority tagged frames Joe Jin...

9.1CVSS7.2AI score0.05798EPSS
Exploits6References10
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.52 views

Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64

CVE-2009-2409 deprecate MD2 in SSL cert validation Kaminsky CVE-2009-2408 firefox/nss: doesn't handle NULL in Common Name properly CVE-2009-2654 firefox: URL bar spoofing vulnerability CVE-2009-3072 Firefox 3.5.3 3.0.14 browser engine crashes CVE-2009-3075 Firefox 3.5.2 3.0.14 JavaScript engine...

10CVSS8AI score0.06724EPSS
Exploits9References8
Rows per page
Query Builder