Lucene search
K

69 matches found

OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.24 views

Debian: Security Advisory (DSA-269-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS9.5AI score0.04284EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.32 views

Debian: Security Advisory (DSA-269)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.04284EPSS
Exploits0References3
NVD
NVD
added 2007/11/30 1:46 a.m.15 views

CVE-2007-6192

The web management interface in Citrix NetScaler 8.0 build 47.8 uses weak encryption XOR of unpadded data to store credentials within a cookie, which makes it easier for remote attackers to obtain cleartext credentials when a cookie is captured via a known-plaintext attack...

4.3CVSS6.4AI score0.00699EPSS
Exploits0References4
CVE
CVE
added 2007/11/30 1:0 a.m.59 views

CVE-2007-6192

The CVE-2007-6192 entry describes an information disclosure vulnerability in the Citrix NetScaler Web Management Interface (NetScaler 8.0 build 47.8). The issue arises from using weak encryption to protect cookie contents by XORing sensitive values (including credentials) with a fixed key stream,...

4.3CVSS6.4AI score0.00699EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2007/11/30 1:0 a.m.22 views

CVE-2007-6192

The web management interface in Citrix NetScaler 8.0 build 47.8 uses weak encryption XOR of unpadded data to store credentials within a cookie, which makes it easier for remote attackers to obtain cleartext credentials when a cookie is captured via a known-plaintext attack...

6.4AI score0.00699EPSS
Exploits0References4
Prion
Prion
added 2006/03/24 2:2 a.m.14 views

Design/Logic Flaw

PasswordSafe 3.0 beta, when running on Windows before XP, uses a weak random number generator C++ rand function during generation of the database encryption key, which makes it easier for attackers to decrypt the database and steal passwords by generating keys for all possible rand seed values an...

4.9CVSS7AI score0.00319EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2006/03/24 2:0 a.m.56 views

CVE-2006-1378

CVE-2006-1378 concerns PasswordSafe 3.0 beta running on Windows versions prior to XP, where the database encryption key is generated using the weak C++ rand() RNG. The underlying root cause is the predictability of rand(), which enables an attacker to enumerate possible seed values and, via a kno...

4.9CVSS6.5AI score0.00319EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2005/07/10 4:0 a.m.47 views

CVE-2004-2172

EarlyImpact ProductCart is affected by a vulnerability where passwords are encrypted with a weak scheme, enabling remote attackers to obtain passwords through a chosen-plaintext attack. Affected versions are not clearly specified in the provided documents. The available sources do not indicate a ...

7.5CVSS7.1AI score0.06765EPSS
Exploits1References10Affected Software1
NVD
NVD
added 2004/12/31 5:0 a.m.13 views

CVE-2004-2172

EarlyImpact ProductCart uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via a chosen plaintext attack...

7.5CVSS7.5AI score0.06765EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2004/12/31 12:0 a.m.4 views

PT-2004-3067 · Early Impact · Earlyimpact Productcart

Name of the Vulnerable Software and Affected Versions: EarlyImpact ProductCart affected versions not specified Description: The issue concerns a weak encryption scheme used to encrypt passwords, allowing remote attackers to obtain the password via a chosen plaintext attack. No information is...

7.5CVSS6.6AI score0.06765EPSS
Exploits1References14
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.39 views

Debian DSA-269-1 : heimdal - Cryptographic weakness

A cryptographic weakness in version 4 of the Kerberos protocol allows an attacker to use a chosen-plaintext attack to impersonate any principal in a realm. Additional cryptographic weaknesses in the krb4 implementation permit the use of cut-and-paste attacks to fabricate krb4 tickets for...

7.5CVSS8AI score0.04284EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.33 views

Debian DSA-273-1 : krb4 - Cryptographic weakness

A cryptographic weakness in version 4 of the Kerberos protocol allows an attacker to use a chosen-plaintext attack to impersonate any principal in a realm. Additional cryptographic weaknesses in the krb4 implementation permit the use of cut-and-paste attacks to fabricate krb4 tickets for...

7.5CVSS8.1AI score0.04284EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.56 views

Debian DSA-266-1 : krb5 - several vulnerabilities

Several vulnerabilities have been discovered in krb5, an implementation of MIT Kerberos. - A cryptographic weakness in version 4 of the Kerberos protocol allows an attacker to use a chosen-plaintext attack to impersonate any principal in a realm. Additional cryptographic weaknesses in the krb4...

7.5CVSS8AI score0.15031EPSS
Exploits1References6
Debian
Debian
added 2003/03/28 12:12 p.m.27 views

[SECURITY] [DSA 273-1] New krb4 packages fix authentication failure

-------------------------------------------------------------------------- Debian Security Advisory DSA 273-1 [email protected] http://www.debian.org/security/ Martin Schulze March 28th, 2003 http://www.debian.org/security/faq -...

7.5CVSS9.4AI score0.04284EPSS
Exploits0
OSV
OSV
added 2003/03/28 12:0 a.m.17 views

DSA-273 krb4 - Cryptographic weakness

Bulletin has no description...

7.5CVSS6.3AI score0.04284EPSS
Exploits0
Debian
Debian
added 2003/03/26 12:1 p.m.39 views

[SECURITY] [DSA 269-1] New heimdal packages fix authentication failure

-------------------------------------------------------------------------- Debian Security Advisory DSA 269-1 [email protected] http://www.debian.org/security/ Martin Schulze March 26th, 2003 http://www.debian.org/security/faq -...

7.5CVSS0.8AI score0.04284EPSS
Exploits0
OSV
OSV
added 2003/03/26 12:0 a.m.16 views

DSA-269 heimdal - Cryptographic weakness

Bulletin has no description...

7.5CVSS6.3AI score0.04284EPSS
Exploits0
NVD
NVD
added 2003/03/24 5:0 a.m.16 views

CVE-2003-0138

Version 4 of the Kerberos protocol krb4, as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack...

7.5CVSS6.1AI score0.04284EPSS
Exploits0References12
OSV
OSV
added 2003/03/24 5:0 a.m.9 views

CVE-2003-0138

Version 4 of the Kerberos protocol krb4, as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack...

6.1AI score
Exploits0References16
OSV
OSV
added 2003/03/24 5:0 a.m.1 views

DEBIAN-CVE-2003-0138

Version 4 of the Kerberos protocol krb4, as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack...

7.5CVSS8.8AI score0.04284EPSS
Exploits0References1
Rows per page
Query Builder