security flaw

net/ipv4/netfilter/ipconntrackcore.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nfconntrackl3protoipv4.c in 2.6, does not clear sockaddrin.sinzero before returning IPv4 socket names from the getsockopt function with SOORIGINALDST, which allows local users to obtain portions of...

FreeBSD : openssl -- potential SSL 2.0 rollback (60e26a40-3b25-11da-9484-00123ffe8333)

Vulnerability : Such applications are affected if they use the option SSLOPMSIESSLV2RSAPADDING. This option is implied by use of SSLOPALL, which is intended to work around various bugs in third-party software that might prevent interoperability. The SSLOPMSIESSLV2RSAPADDING option disables a...

VNC Supported 'security types' Detection (TCP)

TCP based detection of the available remote Virtual Network Computing VNC SPDX-FileCopyrightText: 2006 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 888-1] New OpenSSL packages fix cryptographic weakness

-------------------------------------------------------------------------- Debian Security Advisory DSA 888-1 [email protected] http://www.debian.org/security/ Martin Schulze November 7th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 882-1] New OpenSSL packages fix cryptographic weakness

-------------------------------------------------------------------------- Debian Security Advisory DSA 882-1 [email protected] http://www.debian.org/security/ Martin Schulze November 4th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 882-1] New OpenSSL packages fix cryptographic weakness

-------------------------------------------------------------------------- Debian Security Advisory DSA 882-1 [email protected] http://www.debian.org/security/ Martin Schulze November 4th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 881-1] New OpenSSL 0.9.6 packages fix cryptographic weakness

-------------------------------------------------------------------------- Debian Security Advisory DSA 881-1 [email protected] http://www.debian.org/security/ Martin Schulze November 4th, 2005 http://www.debian.org/security/faq -...

DSA-881-1 openssl096 - cryptographic weakness

Bulletin has no description...

VNC Server and Protocol Version Detection (TCP)

TCP based detection of Virtual Network Computing VNC services and the underlying Remote Framebuffer Protocol RFB version. SPDX-FileCopyrightText: 2005 Patrick Naubert Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

[SECURITY] [DSA 875-1] New OpenSSL packages fix cryptographic weakness

-------------------------------------------------------------------------- Debian Security Advisory DSA 875-1 [email protected] http://www.debian.org/security/ Martin Schulze October 27th, 2005 http://www.debian.org/security/faq -...

CVE-2005-2969

The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to u...

CVE-2005-2969

The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to u...

VNC Server Security Type Detection

This script checks the remote VNC server protocol version and the available 'security types'. C Tenable Network Security, Inc. Some information: http://www.nessus.org/u?31a1871a http://www.nessus.org/u?6ad5fd00 http://www.nessus.org/u?99e99399 include"compat.inc"; if description scriptid19288;...

security flaw

Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via 1 an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the hostaton function, or 2 the -bh command line option or dnsdb PTR...

NTP Server Protocol Version 2 Detection

Binary data 1149.prm...

NTP Server Protocol Version 1 Detection

Binary data 1150.prm...

NTP Server Protocol Version 1 Detection

Binary data 1146.prm...

NTP Server Protocol Version 3 Detection

Binary data 1148.prm...

Distributed Network Protocol Version 3 (DNP3) Outstation Detection (SCADA)

Binary data 3553.prm...

Re: хэндшейк ICQ

Hello, 3APA3A! Если не сложно, кинь advisory на [email protected]. Можно вместе с программой, положу на www.security.nnov.ru. See attach. Адвайз писать смысла нет, ибо тезис про "шифрование" в аське касается всех версий протокола, его использовавших. Насколько я знаю, в 7 версии эту фигню...