Lucene search
K

76 matches found

CNVD
CNVD
added 2018/05/14 12:0 a.m.7 views

heinekingmedia StashCat Password Attack Vulnerability

heinekingmedia StashCat for Android is an Android-based enterprise communication software from the German company heinekingmedia. heinekingmedia StashCat suffers from a password attack vulnerability that stems from user passwords being hashed directly with SHA-512. By exploiting this vulnerabilit...

5.9CVSS6.1AI score0.0055EPSS
Exploits0References1
Prion
Prion
added 2017/08/01 2:29 p.m.15 views

Authentication flaw

An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. For authentication, the user password is hashed directly with SHA-512 without a salt or another key-derivation mechanism to enable a secure secret for...

4.3CVSS5.8AI score0.0055EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2017/08/01 2:29 p.m.5 views

CVE-2017-11131

An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. For authentication, the user password is hashed directly with SHA-512 without a salt or another key-derivation mechanism to enable a secure secret for...

5.9CVSS5.8AI score0.0055EPSS
Exploits0References1
Kitploit
Kitploit
added 2017/05/24 3:30 p.m.21 views

Dagon - Advanced Hash Manipulation

Named after the prince of Hell, Dagon day-gone is an advanced hash cracking and manipulation system, capable of bruteforcing multiple hash types, creating bruteforce dictionaries, automatic hashing algorithm verification, random salt generation from Unicode to ASCII, and much more. Screenshots...

7.2AI score
Exploits0References2
Veracode
Veracode
added 2017/05/03 5:58 a.m.9 views

Insecure Cipher

github.com/go-macaron/macaron uses an insecure cipher for AES keys. The library uses MD5 to create AES keys which is considered insecure since MD5 is vulnerable to rainbow table attacks...

6.7AI score
Exploits0
CNVD
CNVD
added 2017/03/01 12:0 a.m.4 views

Dahua DHI-HCVR7216A-S3 Information Disclosure Vulnerability (CNVD-2017-02590)

Dahua DHI-HCVR7216A-S3 is a network DVR product from China Dahua Dahua. A security vulnerability exists in the web interface of NVR firmware version 3.210.0001.10, Camera firmware version 2.400.0000.28.R and SmartPSS software version 1.16.1 in Dahua DHI-HCVR7216A-S3 devices. A remote attacker can...

10CVSS6.8AI score0.12757EPSS
Exploits0References1
Prion
Prion
added 2012/07/26 10:55 p.m.23 views

Code injection

AirDroid 1.0.4 beta uses the MD5 algorithm for values in the checklogin key parameter and 7bb cookie, which makes it easier for remote attackers to obtain cleartext data by sniffing the local wireless network and then conducting a 1 brute-force attack or 2 rainbow-table attack...

5CVSS6.9AI score0.01264EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2012/07/26 10:0 p.m.21 views

CVE-2012-3886

AirDroid 1.0.4 beta uses the MD5 algorithm for values in the checklogin key parameter and 7bb cookie, which makes it easier for remote attackers to obtain cleartext data by sniffing the local wireless network and then conducting a 1 brute-force attack or 2 rainbow-table attack...

6.4AI score0.01264EPSS
Exploits1References2
CVE
CVE
added 2012/07/26 10:0 p.m.54 views

CVE-2012-3886

AirDroid 1.0.4 beta is affected by a cryptography weakness where MD5 is used for data in the checklogin parameter and the 7bb cookie. This allows an attacker on the same LAN to potentially recover sensitive data (cleartext) via sniffing the local wireless network and performing brute-force or rai...

5CVSS6.6AI score0.01264EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2012/06/09 12:55 a.m.17 views

CVE-2012-2565

Bloxx Web Filtering before 5.0.14 does not use a salt during calculation of a password hash, which makes it easier for context-dependent attackers to determine cleartext passwords via a rainbow-table approach...

5.8CVSS6.6AI score0.0119EPSS
Exploits0References3
Prion
Prion
added 2012/06/09 12:55 a.m.11 views

Default credentials

Bloxx Web Filtering before 5.0.14 does not use a salt during calculation of a password hash, which makes it easier for context-dependent attackers to determine cleartext passwords via a rainbow-table approach...

5.8CVSS7.1AI score0.0119EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2012/06/09 12:0 a.m.25 views

CVE-2012-2565

Bloxx Web Filtering before 5.0.14 does not use a salt during calculation of a password hash, which makes it easier for context-dependent attackers to determine cleartext passwords via a rainbow-table approach...

6.6AI score0.0119EPSS
Exploits0References3
Prion
Prion
added 2011/11/10 12:55 a.m.13 views

Default credentials

www/include/configuration/nconfigObject/contact/DB-Func.php in Merethis Centreon before 2.3.2 does not use a salt during calculation of a password hash, which makes it easier for context-dependent attackers to determine cleartext passwords via a rainbow-table approach...

5CVSS7.1AI score0.01302EPSS
Exploits1References2Affected Software1
The Hacker News
The Hacker News
added 2011/02/16 4:59 p.m.8 views

Lessons to learn from the HBGary Federal hack !

The Anonymous attack on HBGary may have amused some who enjoyed the sight of a security firm left embarrassed and exposed, but it should send a shiver down the spine of any IT administrator responsible for securing their own company. Because can you honestly put your hand on your heart and say a...

6.9AI score
Exploits0
myhack58
myhack58
added 2010/01/02 12:0 a.m.141 views

How to generate Rainbow table-vulnerability warning-the black bar safety net

In a technical Forum accidentally saw a rainbow table download, under a few days of md5 Rainbow tables discover the number of seeds is too little, and the mainstream of the rainbow table is 100G or more online search all over again after the only think you can generate your own. Why bother to...

0.7AI score
Exploits0
myhack58
myhack58
added 2007/09/14 12:0 a.m.22 views

Security Master weapon awareness of Rainbow hash table crack tool-vulnerability warning-the black bar safety net

Cross-platform password Cracker Ophcrack the crack speed is simply incredible. In the end how fast? It can be in 1 6 0 seconds to crack“Fgpyyih804423”this password. Many people think that this password is already quite safe. Microsoft's password strength determination tool that the password of th...

0.7AI score
Exploits0
Rows per page
Query Builder