Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

Prion
Prionadded 2008/02/05 3:0 a.m.6 views

Design/Logic Flaw

Geert Moernaut LSrunasE and Supercrypt use an encryption key composed of an SHA1 hash of a fixed string embedded in the executable file, which makes it easier for local users to obtain this key without reverse engineering...

2.1CVSS6.7AI score0.0008EPSS
Exploits0References3
NVD
NVDadded 2008/02/05 3:0 a.m.9 views

CVE-2008-0580

Geert Moernaut LSrunasE and Supercrypt use an encryption key composed of an SHA1 hash of a fixed string embedded in the executable file, which makes it easier for local users to obtain this key without reverse engineering...

2.1CVSS6.2AI score0.0008EPSS
Exploits0References3
Prion
Prionadded 2008/02/05 3:0 a.m.14 views

Default credentials

Geert Moernaut LSrunasE 1.0 and Supercrypt 1.0 use the RC4 stream cipher without constructing a unique initialization vector IV, which makes it easier for local users to obtain cleartext passwords...

2.1CVSS6.7AI score0.00069EPSS
Exploits0References4Affected Software2
NVD
NVDadded 2008/02/05 3:0 a.m.12 views

CVE-2007-6340

Geert Moernaut LSrunasE 1.0 and Supercrypt 1.0 use the RC4 stream cipher without constructing a unique initialization vector IV, which makes it easier for local users to obtain cleartext passwords...

2.1CVSS6.2AI score0.00069EPSS
Exploits0References4
Cvelist
Cvelistadded 2008/02/05 2:0 a.m.12 views

CVE-2007-6340

Geert Moernaut LSrunasE 1.0 and Supercrypt 1.0 use the RC4 stream cipher without constructing a unique initialization vector IV, which makes it easier for local users to obtain cleartext passwords...

6.2AI score0.00069EPSS
Exploits0References4
CVE
CVEadded 2008/02/05 2:0 a.m.31 views

CVE-2008-0580

CVE-2008-0580 concerns Geert Moernaut’s LSrunasE and Supercrypt components that use an encryption key derived from an SHA1 hash of a fixed string embedded in the executable. The fixed-key approach means local users can obtain the key without reverse engineering, undermining confidentiality of the...

2.1CVSS6.2AI score0.0008EPSS
Exploits0References3Affected Software2
CVE
CVEadded 2008/02/05 2:0 a.m.45 views

CVE-2007-6340

The connected advisory confirms CVE-2007-6340 affects LSrunasE 1.0 and Supercrypt 1.0 and explains the root cause: RC4 is used without a unique initialization vector, deriving a constant keystream across all passwords. This insecure design allows an attacker with local access to break encryption ...

2.1CVSS6.2AI score0.00069EPSS
Exploits0References4Affected Software2
securityvulns
securityvulnsadded 2008/01/30 12:0 a.m.41 views

LSrunasE and Supercrypt cryptogoraphic vulnerabilities

Cryptography is implemented in insecure way...

2.1CVSS2.7AI score0.00069EPSS
Exploits0References1Affected Software2
securityvulns
securityvulnsadded 2008/01/30 12:0 a.m.76 views

Insecure Use of RC4 in LSrunasE and Supercrypt (CVE-2007-6340)

COMPASS SECURITY ADVISORY http://www.csnc.ch/ Product: LSrunasE, Supercrypt Vendor: Geert Moernaut Type: Flawed Encryption Risk: Medium Author: Daniel Roethlisberger Date: 2008-01-29 CVE Name: CVE-2007-6340 Introduction ------------ LSrunasE 1 and Supercrypt 2 are utilities used to run commands...

2.1CVSS6.7AI score0.00069EPSS
Exploits0
Rows per page
Query Builder