113 matches found
OracleVM 3.2 : openssh (OVMSA-2016-0030)
The remote OracleVM system is missing necessary patches to address critical security updates : - change default value of MaxStartups - CVE-2010-5107 John Haxby - improve RNG seeding from /dev/random 681291,708056 - make ssh1's ConnectTimeout option apply to both the TCP connection and SSH banner...
How to Perform a Manual Failback (Reverse Replication)
Challenge This article explains the steps to perform a manual failback using reverse replication when a normal failback fails or is not possible because the replica was powered on outside of the Veeam console. This process turns replication on its head and uses it as a tool to synchronize the...
CVE-2015-0285
The ssl3clienthello function in s3clnt.c in OpenSSL 1.0.2 before 1.0.2a does not ensure that the PRNG is seeded before proceeding with a handshake, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and then conducting a brute-force...
CVE-2015-0285
The ssl3clienthello function in s3clnt.c in OpenSSL 1.0.2 before 1.0.2a does not ensure that the PRNG is seeded before proceeding with a handshake, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and then conducting a brute-force...
Cannot find a restore point newer than the seed
Challenge The replication job completes with the warning: Cannot find a restore point newer than the seed Cause This warning occurs when the replication job has been: configured to seed from a repository that contains seed backup files that are as current as the backup job that generated them. or...
Design/Logic Flaw
Android before 4.4 does not properly arrange for seeding of the OpenSSL PRNG, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging use of the PRNG within multiple applications...
Cannot find VM in the backup file specified for seeding
Challenge A replication job with seeding enabled fails with any of the following errors: Failed to create processing task for VM Error: VM VM not found in backup for initial sync !Screenshot of Failed to create processing task for VM VM Error: VM \VM\ not found in backup for initial sync...
How to Seed a Backup Copy Job
Purpose This article provides references to documentation explaining how to manually seed a Backup Copy job with Veeam Backup & Replication. Solution Veeam Backup & Replication User Guide: Creating Seed for Backup Copy Job Veeam Backup & Replication User Guide: Backup Copy Job Mapping If this KB...
Error: Object reference not set to an instance of an object after manually deleting a replica VM
Challenge You receive an error after manually deleting a replica VM. Cause The replication job is still mapped to the previous replica VM. An error is produced when Veeam attempts to access the invalid object. Solution Unchecking the Low Connection Bandwidth Enable replica seeding checkbox does n...
Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Openssl
Debian OpenSSL Predictable PRNG - - - Links Original UR...
CVE-2013-2803
ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG algorithm and seeding strategy for passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack...
How to Manually Seed a Replica
Purpose Under certain circumstances, the seeding function used by a Replication job may not function correctly. If this occurs, an alternate seeding method is to manually pre-create the replica from a backup and then use the mapping function of the Replication job to map to that restored VM...
Creating Replication Jobs in Backup & Replication version 6.x
Challenge How to create replication jobs. Solution To replicate virtual machines, you should create a replication job by means of the New Replication Job wizard. You can perform the created job immediately, schedule, or save it. Before You Begin • Prior to creating a replication job, make sure yo...
DEBIAN-CVE-2008-7278
The S/MIME feature in Open Ticket Request System OTRS before 2.2.5, and 2.3.x before 2.3.0-beta1, does not properly configure the RANDFILE environment variable for OpenSSL, which might make it easier for remote attackers to decrypt e-mail messages that had lower than intended entropy available fo...
DEBIAN-CVE-2009-5057
The S/MIME feature in Open Ticket Request System OTRS before 2.3.4 does not configure the RANDFILE and HOME environment variables for OpenSSL, which might make it easier for remote attackers to decrypt e-mail messages that had lower than intended entropy available for cryptographic operations,...
Design/Logic Flaw
The S/MIME feature in Open Ticket Request System OTRS before 2.2.5, and 2.3.x before 2.3.0-beta1, does not properly configure the RANDFILE environment variable for OpenSSL, which might make it easier for remote attackers to decrypt e-mail messages that had lower than intended entropy available fo...
CVE-2009-5057
The S/MIME feature in Open Ticket Request System OTRS before 2.3.4 does not configure the RANDFILE and HOME environment variables for OpenSSL, which might make it easier for remote attackers to decrypt e-mail messages that had lower than intended entropy available for cryptographic operations,...
CVE-2010-3399
The jsInitRandom function in the JavaScript implementation in Mozilla Firefox 3.5.10 through 3.5.11, 3.6.4 through 3.6.8, and 4.0 Beta1 uses a context pointer in conjunction with its successor pointer for seeding of a random number generator, which makes it easier for remote attackers to guess th...
CVE-2010-3400
The jsInitRandom function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses the current time for seeding of a random number generator, which makes it easier for remote attackers to guess the seed value via a brute-forc...
Users can be tricked into uploading unexpected files
Plug-ins may be used to seed the system clipboard with paths to a target file, while the user may not expect that to be the contents of the clipboard. If the user can be convinced to focus a file input and paste the contents of the clipboard, the file can then be immediately uploaded without...