69 matches found
Debian: Security Advisory (DSA-269-1)
The remote host is missing an update for the Debian...
Debian: Security Advisory (DSA-269)
The remote host is missing an update for the Debian...
CVE-2007-6192
The web management interface in Citrix NetScaler 8.0 build 47.8 uses weak encryption (XOR of unpadded data) to store credentials within a cookie, which makes it easier for remote attackers to obtain cleartext credentials when a cookie is captured via a known-plaintext attack...
CVE-2007-6192
The CVE-2007-6192 entry describes an information disclosure vulnerability in the Citrix NetScaler Web Management Interface (NetScaler 8.0 build 47.8). The issue arises from using weak encryption to protect cookie contents by XORing sensitive values (including credentials) with a fixed key stream,...
CVE-2007-6192
The web management interface in Citrix NetScaler 8.0 build 47.8 uses weak encryption (XOR of unpadded data) to store credentials within a cookie, which makes it easier for remote attackers to obtain cleartext credentials when a cookie is captured via a known-plaintext attack...
Design/Logic Flaw
PasswordSafe 3.0 beta, when running on Windows before XP, uses a weak random number generator (C++ rand function) during generation of the database encryption key, which makes it easier for attackers to decrypt the database and steal passwords by generating keys for all possible rand seed values an...
CVE-2006-1378
CVE-2006-1378 concerns PasswordSafe 3.0 beta running on Windows versions prior to XP, where the database encryption key is generated using the weak C++ rand() RNG. The underlying root cause is the predictability of rand(), which enables an attacker to enumerate possible seed values and, via a kno...
CVE-2004-2172
EarlyImpact ProductCart is affected by a vulnerability where passwords are encrypted with a weak scheme, enabling remote attackers to obtain passwords through a chosen-plaintext attack. Affected versions are not clearly specified in the provided documents. The available sources do not indicate a ...
CVE-2004-2172
EarlyImpact ProductCart uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via a chosen plaintext attack...
PT-2004-3067 · Early Impact · Earlyimpact Productcart
Name of the Vulnerable Software and Affected Versions: EarlyImpact ProductCart (affected versions not specified). Description: The issue concerns a weak encryption scheme used to encrypt passwords, allowing remote attackers to obtain the password via a chosen plaintext attack. No information is...
Debian DSA-269-1 : heimdal - Cryptographic weakness
A cryptographic weakness in version 4 of the Kerberos protocol allows an attacker to use a chosen-plaintext attack to impersonate any principal in a realm. Additional cryptographic weaknesses in the krb4 implementation permit the use of cut-and-paste attacks to fabricate krb4 tickets for...
Debian DSA-273-1 : krb4 - Cryptographic weakness
A cryptographic weakness in version 4 of the Kerberos protocol allows an attacker to use a chosen-plaintext attack to impersonate any principal in a realm. Additional cryptographic weaknesses in the krb4 implementation permit the use of cut-and-paste attacks to fabricate krb4 tickets for...
Debian DSA-266-1 : krb5 - several vulnerabilities
Several vulnerabilities have been discovered in krb5, an implementation of MIT Kerberos. - A cryptographic weakness in version 4 of the Kerberos protocol allows an attacker to use a chosen-plaintext attack to impersonate any principal in a realm. Additional cryptographic weaknesses in the krb4...
[SECURITY] [DSA 273-1] New krb4 packages fix authentication failure
Debian Security Advisory DSA 273-1 [email protected] http://www.debian.org/security/ Martin Schulze March 28th, 2003 http://www.debian.org/security/faq ...
DSA-273 krb4 - Cryptographic weakness
Bulletin has no description...
[SECURITY] [DSA 269-1] New heimdal packages fix authentication failure
Debian Security Advisory DSA 269-1 [email protected] http://www.debian.org/security/ Martin Schulze March 26th, 2003 http://www.debian.org/security/faq ...
DSA-269 heimdal - Cryptographic weakness
Bulletin has no description...
CVE-2003-0138
Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack...
CVE-2003-0138
Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack...
DEBIAN-CVE-2003-0138
Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack...