18 matches found

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2001-0259

Malware in sbrugna...

CVSS 3.6 | AI score 6.4 | EPSS 0.00584
Exploits 1 | References 5

SUSE CVE
added 2023/02/15 5:26 a.m. | 1 views

SUSE CVE-2014-8091

X.Org X Window System aka X11 and X X11R5 and X.Org Server aka xserver and xorg-server before 1.16.3, when using SUN-DES-1 Secure RPC authentication credentials, does not check the return value of a malloc call, which allows remote attackers to cause a denial of service NULL pointer dereference a...

CVSS 4.3 | AI score 6.9 | EPSS 0.04839
Exploits 0 | References 7

Malwarebytes
added 2021/01/19 6:37 p.m. | 230 views

The story of ZeroLogon

This is the story of a vulnerability that was brought about by the incorrect use of an encryption technique. After it was discovered by researchers, the vulnerability was patched and that should have been the end of the story. Unfortunately the patch caused problems of its own, which made it very...

CVSS 9.3 | AI score 8.9 | EPSS 0.9438
Exploits 75

ThreatPost
added 2021/01/15 9:47 p.m. | 114 views

Microsoft Implements Windows Zerologon Flaw 'Enforcement Mode'

Microsoft is taking matters into its own hands when it comes to companies that haven’t yet updated their systems to address the critical Zerologon flaw. The tech giant will soon by default block vulnerable connections on devices that could be used to exploit the flaw. Starting Feb. 9, Microsoft...

CVSS 9.3 | AI score 8.3 | EPSS 0.9438
Exploits 75 | References 13

CERT
added 2020/09/16 12:0 a.m. | 1132 views

Microsoft Windows Netlogon Remote Protocol (MS-NRPC) uses insecure AES-CFB8 initialization vector

Overview The Microsoft Windows Netlogon Remote Protocol MS-NRPC reuses a known, static, zero-value initialization vector IV in AES-CFB8 mode. This allows an unauthenticated attacker to impersonate a domain-joined computer, including a domain controller, and potentially obtain domain administrator...

CVSS 10 | AI score 8.6 | EPSS 0.9438
Exploits 75 | References 14

Tenable Nessus
added 2015/01/16 12:0 a.m. | 26 views

Amazon Linux AMI : xorg-x11-server (ALAS-2015-470)

Multiple integer overflow flaws and out-of-bounds write flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol and GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially...

CVSS 6.5 | AI score 6.7 | EPSS 0.04839
Exploits 0 | References 14

Tenable Nessus
added 2014/12/15 12:0 a.m. | 32 views

Scientific Linux Security Update : xorg-x11-server on SL5.x i386/x86_64 (20141211)

Multiple integer overflow flaws and out-of-bounds write flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol and GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially...

CVSS 6.5 | AI score 6.7 | EPSS 0.04839
Exploits 0 | References 12

ArchLinux
added 2014/12/12 12:0 a.m. | 40 views

xorg-server: multiple issues

CVE-2014-8091 denial of service X.Org X Window System, when using SUN-DES-1 Secure RPC authentication credentials, does not check the return value of a malloc call, which allows remote attackers to cause a denial of service NULL pointer dereference and server crash via a crafted connection...

CVSS 6.5 | AI score 6.2 | EPSS 0.04839
Exploits 0 | References 15

NVD
added 2014/12/10 3:59 p.m. | 17 views

CVE-2014-8091

X.Org X Window System aka X11 and X X11R5 and X.Org Server aka xserver and xorg-server before 1.16.3, when using SUN-DES-1 Secure RPC authentication credentials, does not check the return value of a malloc call, which allows remote attackers to cause a denial of service NULL pointer dereference a...

CVSS 4.3 | AI score 6.5 | EPSS 0.04839
Exploits 0 | References 11

CVE
added 2014/12/10 3:0 p.m. | 100 views

CVE-2014-8091

CVE-2014-8091 affects the X.Org X Window System server (X.Org X11, X.Org Server) prior to 1.16.3. The issue arises when using SUN-DES-1 (Secure RPC) credentials: malloc’s return value is not checked, enabling a remote attacker to trigger a denial of service via a crafted connection request, resul...

CVSS 4.3 | AI score 7.2 | EPSS 0.04839
Exploits 0 | References 11 | Affected Software 1

OSV
added 2014/12/09 12:0 a.m. | 0 views

UBUNTU-CVE-2014-8091

X.Org X Window System aka X11 and X X11R5 and X.Org Server aka xserver and xorg-server before 1.16.3, when using SUN-DES-1 Secure RPC authentication credentials, does not check the return value of a malloc call, which allows remote attackers to cause a denial of service NULL pointer dereference a...

CVSS 4.3 | AI score 7.1 | EPSS 0.04839
Exploits 0 | References 6

Gentoo Linux
added 2007/10/04 12:0 a.m. | 27 views

RPCSEC_GSS library: Buffer overflow

Background librpcsecgss is an implementation of RPCSECGSS for secure RPC communications. Description A stack based buffer overflow has been discovered in the svcauthgssvalidate function in file lib/rpc/svcauthgss.c when processing an overly long string in a RPC message. Impact A remote attacker...

CVSS 10 | AI score 7.5 | EPSS 0.48434
Exploits 4

OSV
added 2007/09/04 12:0 a.m. | 13 views

DSA-1368-1 librpcsecgss - arbitrary code execution

Bulletin has no description...

CVSS 10 | AI score 6.3 | EPSS 0.48434
Exploits 4

Tenable Nessus
added 2004/08/20 12:0 a.m. | 11 views

SSH Secure-RPC Weak Encrypted Authentication Key Recovery (deprecated)

Binary data 1976.prm...

CVSS 3.6 | AI score 7.3 | EPSS 0.00584
Exploits 1 | References 1

CERT
added 2001/06/13 12:0 a.m. | 19 views

SSH1 may generate weak passphrase when using Secure RPC

Overview The secure-RPC feature of the SSH1 client in Solaris sometimes encrypts the SSH private key file with a weak passphrase, which can be determined by an attacker and used to recover the SSH private keys. Other versions of the SSH client running on non-Solaris platforms are not affected by...

CVSS 3.6 | AI score 5.9 | EPSS 0.00584
Exploits 1 | References 4

CVE
added 2001/05/07 4:0 a.m. | 54 views

CVE-2001-0259

The connected sources confirm a vulnerability in SSH Communications Security SSH versions 1.2.27–1.2.30 when Secure-RPC is enabled. A local attacker can cause the system to recover the SUN-DES-1 magic phrase generated for another user, which can then decrypt that user’s private key file. This wea...

CVSS 3.6 | AI score 6.2 | EPSS 0.00584
Exploits 1 | References 4 | Affected Software 1

securityvulns
added 2001/01/17 12:0 a.m. | 26 views

Bug in SSH1 secure-RPC support can expose users' private keys

Hello all, There is a bug in SSH-1.2.30 involving Secure RPC. The patch for this is available at http://www.ssh.com/patches.html. The explanation and bug was submitted by Richard Silverman [email protected], and his explanation of the bug is below. The SSH1 protocol is not formally supported by SSH...

AI score 6.4
Exploits 0

Packet Storm
added 1999/09/19 12:0 a.m. | 57 views

ttsession_vuln.txt

Subject: Vulnerability in ttsession To: [email protected] Hello, I discovered the following security problem in ttsession, part of CDE: Description ----------- The ToolTalk session daemon ttsession does not properly check client credentials. Impact ------ The insufficient check can lead t...

AI score 7.4
Exploits 0