Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

148 matches found

Cvelist
Cvelistadded 2010/12/02 4:0 p.m.24 views

CVE-2010-4020

MIT Kerberos 5 aka krb5 1.8.x through 1.8.3 does not reject RC4 key-derivation checksums, which might allow remote authenticated users to forge a 1 AD-SIGNEDPATH or 2 AD-KDC-ISSUED signature, and possibly gain privileges, by leveraging the small key space that results from certain one-byte...

6.4AI score0.00535EPSS
Exploits0References23
NVD
NVDadded 2008/02/05 3:0 a.m.22 views

CVE-2007-6340

Geert Moernaut LSrunasE 1.0 and Supercrypt 1.0 use the RC4 stream cipher without constructing a unique initialization vector IV, which makes it easier for local users to obtain cleartext passwords...

2.1CVSS6.2AI score0.00069EPSS
Exploits0References4
Cvelist
Cvelistadded 2008/02/05 2:0 a.m.21 views

CVE-2007-6340

Geert Moernaut LSrunasE 1.0 and Supercrypt 1.0 use the RC4 stream cipher without constructing a unique initialization vector IV, which makes it easier for local users to obtain cleartext passwords...

6.2AI score0.00069EPSS
Exploits0References4
CVE
CVEadded 2008/02/05 2:0 a.m.46 views

CVE-2007-6340

The connected advisory confirms CVE-2007-6340 affects LSrunasE 1.0 and Supercrypt 1.0 and explains the root cause: RC4 is used without a unique initialization vector, deriving a constant keystream across all passwords. This insecure design allows an attacker with local access to break encryption ...

2.1CVSS6.2AI score0.00069EPSS
Exploits0References4Affected Software2
securityvulns
securityvulnsadded 2008/01/30 12:0 a.m.84 views

Insecure Use of RC4 in LSrunasE and Supercrypt (CVE-2007-6340)

COMPASS SECURITY ADVISORY http://www.csnc.ch/ Product: LSrunasE, Supercrypt Vendor: Geert Moernaut Type: Flawed Encryption Risk: Medium Author: Daniel Roethlisberger Date: 2008-01-29 CVE Name: CVE-2007-6340 Introduction ------------ LSrunasE 1 and Supercrypt 2 are utilities used to run commands...

2.1CVSS6.7AI score0.00069EPSS
Exploits0
CVE
CVEadded 2005/04/21 4:0 a.m.51 views

CVE-2001-1469

The CVE-2001-1469 entry concerns the RC4-based use in SSH1, where remote attackers can modify messages without detection by XOR’ing the original message CRC with the CRC of a mask of the modified bits. Affected component is the RC4 stream cipher implementation within SSH1; impact is partial integ...

5CVSS7.1AI score0.00492EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2005/04/21 4:0 a.m.14 views

CVE-2001-1469

The RC4 stream cipher as used by SSH1 allows remote attackers to modify messages without detection by XORing the original message's cyclic redundancy check CRC with the CRC of a mask consisting of all the bits of the original message that were modified...

6.7AI score0.00492EPSS
Exploits1References2
NVD
NVDadded 2001/01/18 5:0 a.m.8 views

CVE-2001-1469

The RC4 stream cipher as used by SSH1 allows remote attackers to modify messages without detection by XORing the original message's cyclic redundancy check CRC with the CRC of a mask consisting of all the bits of the original message that were modified...

5CVSS6.7AI score0.00492EPSS
Exploits1References2
Rows per page
Query Builder