Second NSA Crypto Tool Found in RSA BSafe

A team of academics released a study on the maligned Dual EC DRBG algorithm used in RSA Security’s BSafe and other cryptographic libraries that includes new evidence that the National Security Agency used a second cryptographic tool alongside Dual EC DRBG in Bsafe to facilitate spying. Allegation...

CVE-2013-6791

EMET (Microsoft Enhanced Mitigation Experience Toolkit) is affected by a ROP/ASLR bypass vulnerability (CVE-2013-6791) where EMET versions before 4.0 store hooked function addresses in a predictable way. This weakness could enable context-dependent attackers to defeat ASLR, as described in source...

Updated python-oauth2 packages fix CVE-2013-4347

It was found that in python-oauth2, an application for authorization flows for web applications, the nonce value generated isn't sufficiently random. While doing bulk operations the nonce might be repeated, so there is a chance of predictability. This could allow MITM attackers to conduct replay...

Information disclosure

bitcoind and Bitcoin-Qt before 0.4.9rc1, 0.5.x before 0.5.8rc1, 0.6.0 before 0.6.0.11rc1, 0.6.1 through 0.6.5 before 0.6.5rc1, and 0.7.x before 0.7.3rc1 make it easier for remote attackers to obtain potentially sensitive information about returned change by leveraging certain predictability in th...

CVE-2013-2273

Removed by vendor...

kernel: execshield: predictable ascii armour base address

The ExecShield feature in a certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux RHEL 5 and 6 and Fedora 15 and 16 does not properly handle use of many shared libraries by a 32-bit executable file, which makes it easier for context-dependent attackers to bypass the ASLR protecti...

Artiphp CMS 5.5.0 database backup disclosure Exploit-vulnerability warning-the black bar safety net

? php / Artiphp CMS 5.5.0 Database Backup Disclosure Exploit Author: Artiphp www.2cto.com http://www.artiphp.com Affected version: 5.5.0 Neo r422 Summary: Artiphp is a content management system CMS open and free to create and manage your website. Description: Artiphp stores database backups using...

ruby: Properly initialize the random number generator when forking new process

Ruby before 1.8.6-p114 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900...

shopex密码取回处新生成密码可预测漏洞

简要描述： shopex在找回密码的地方存在一些逻辑设计问题，导致可以预测新生成的密码，可能被用来攻击获取他人密码 详细说明： 相关代码 /core/shop/controller/ctl.passport.php中： function sendPSW $this-begin$this-system-mkUrl'passport','lost'; $member=&$this-system-loadModel'member/member'; $data=$member-getMemberByUser$POST'uname';...

Apple Safari for Windows (4.0.2-4.0.5, 5.0-5.0.2) Math.random() predictability

Hi list Earlier this year, Trusteer discovered a vulnerability in Apple Safari for Windows versions 4.0.2-4.0.5 and 5.0-5.0.2. The issue is in the Javascript Math.random function, which is implemented in Safari via its WebKit core. Trusteer reported this vulnerability to Apple and to WebKit.org...

Will there be a digital Pearl Harbor?

Will there be one major catastrophe, or just smaller disasters? Panelists discuss what security issues we should be watching out for, where the threat might come from, and the difficulties in predicting the unpredictable. Via ZDNet...

PT-2009-43: Session predictability in Kayako Support Suite

Kayako Support Suite is a HelpDesk system...

ruby: use of predictable source port and transaction id in DNS requests done by resolv.rb module

resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than...

Moderate: Red Hat Security Advisory: php security update

Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...

SuSE 10 Security Update : bind (ZYPP Patch Number 5409)

The transaction id and the udp source port used for DNS queries by the bind nameserver were predicatable. Attackers could potentially exploit that weakness to manipulate the DNS cache 'DNS cache poisoning', CVE-2008-1447. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description o...

CVE-2007-2782

Packeteer PacketShaper uses fixed increments in TCP initial sequence number ISN values, which allows remote attackers to predict the ISN value, and perform session hijacking or disruption...

CVE-2005-0408

CitrusDB 0.3.6 and earlier generates easily predictable MD5 hashes of the user name for the idhash cookie, which allows remote attackers to bypass authentication and gain privileges by calculating the MD5 checksum of the user name combined with the "boogaadeeboo" string, which is hard-coded in th...

CVE-2002-1538

Acuma Acusend 4, and possibly earlier versions, allows remote authenticated users to read the reports of other users by inferring the full URL, whose name is easily predictable...

CVE-2001-1141

CVE-2001-1141: OpenSSL/SSLeay PRNG weakness before 0.9.6b allows attackers to use outputs from small PRNG requests to infer internal state, enabling future-prediction of random numbers. Affected versions include OpenSSL up to 0.9.6b; impact stated as potential exposure of cryptographic material. ...

Predictability Problems in IRIX Cron and Compilers

Crimelabs, Inc. www.crimelabs.com Security Note Crimelabs Security Note CLABS200004 Title: Poor Tempfile Use in IRIX: Compilers and Cron Date: 21 June, 2000 Application: MIPSPro Compilers 7.1, 7.2.1 tested, cron Platforms: IRIX 6.3, 6.5 Severity: Moderate, higher in some instances Author: Jose...