Lucene search
K

678 matches found

securityvulns
securityvulns
added 2006/11/14 12:0 a.m.46 views

Novell BorderManager ISAKMP weak cryptography

Predictable cookie generation allows DoS and replay attacks...

2.4AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2006/03/24 12:0 a.m.38 views

Password Safe 3.0beta weak cryptography in PRNG

rand is used on systems different from Windows XP...

1.8AI score
Exploits0References1
securityvulns
securityvulns
added 2006/02/24 12:0 a.m.45 views

Perl Crypt::CBC module weak cryptography

Invalid Initialization vector generation algorithm for block cyphers with blocks different from 8 bytes Rijndael...

4AI score
Exploits0References1
NVD
NVD
added 2005/12/31 5:0 a.m.14 views

CVE-2005-4860

Spectrum Cash Receipting System before 6.504 uses weak cryptography static substitution in the PASSFILE password file, which makes it easier for local users to gain privileges by decrypting a password...

7.8CVSS7.7AI score0.002EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2005/12/31 12:0 a.m.5 views

PT-2005-5521 · Spectrum · Spectrum Cash Receipting System

Name of the Vulnerable Software and Affected Versions: Spectrum Cash Receipting System versions prior to 6.504 Description: The issue concerns the use of weak cryptography, specifically static substitution, in the PASSFILE password file. This weakness makes it easier for local users to gain...

7.8CVSS6.7AI score0.002EPSS
Exploits0References5
securityvulns
securityvulns
added 2005/12/16 12:0 a.m.25 views

Avaya wireless access points weak cryptography

Static WEP key 12345 is used...

2.5AI score
Exploits0References1
CVE
CVE
added 2005/11/21 11:0 a.m.45 views

CVE-2004-2555

Riverdeep FoolProof Security 3.9.x on Windows 98/ME is affected by a cryptographic weakness: the product uses arithmetic and XOR operations to relate the Control password to the Administrator password, enabling local users who know the Control password and password recovery key to compute the Adm...

2.1CVSS6.9AI score0.00833EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2005/11/21 11:0 a.m.21 views

CVE-2004-2555

Riverdeep FoolProof Security 3.9.x on Windows 98 and Windows ME uses weak cryptography arithmetic and XOR operations to relate the Control password to the Administrator password, which allows local users to calculate the Administrator password if they know the Control password and password recove...

6.5AI score0.00833EPSS
Exploits1References5
securityvulns
securityvulns
added 2005/11/17 12:0 a.m.31 views

PasswordSafe weak cryptography

Key derived from user password with fast algorythm is used as a key for block cypher, making it easy to bruteforce user password...

1.8AI score
Exploits0References1Affected Software2
securityvulns
securityvulns
added 2005/10/11 12:0 a.m.50 views

OpenSSL SSL 2.0 rollback (weak cryptography)

Active man-in-the-middle attacker can force rollback to SSL 2.0 protocol with known cryptographic weakness for both client and server if SSLOPMSIESSLV2RSAPADDING or SSLOPALL configuration option is enabled...

3.3AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2005/04/21 12:0 a.m.30 views

PostgreSQL weak cryptography

Username is used as a salt for MD5-hashed passwords. In addition, during authentication hash may be used directly without knowledge of cleartext password...

1.3AI score
Exploits0References1Affected Software1
NVD
NVD
added 2004/12/31 5:0 a.m.18 views

CVE-2004-2555

Riverdeep FoolProof Security 3.9.x on Windows 98 and Windows ME uses weak cryptography arithmetic and XOR operations to relate the Control password to the Administrator password, which allows local users to calculate the Administrator password if they know the Control password and password recove...

2.1CVSS6.5AI score0.00833EPSS
Exploits1References5
securityvulns
securityvulns
added 2004/08/11 12:0 a.m.27 views

Sygate Secure Enterprise replay attacks

Weak cryptography in communications between server and client doesn't protect against replay attacks...

2.5AI score
Exploits0References1Affected Software1
Exploit DB
Exploit DB
added 2004/02/16 12:0 a.m.19 views

ProductCart 1.x/2.x - Weak Cryptography

source: https://www.securityfocus.com/bid/9669/info EarlyImpact ProductCart is reportedly prone to multiple vulnerabilities. The specific issues include SQL injection, cross-site scripting and cryptographic weaknesses. These issues could expose sensitive data such as user credentials and allow fo...

7.4AI score
Exploits0
NVD
NVD
added 2003/08/27 4:0 a.m.19 views

CVE-2003-0148

The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 through 3.0 allows attackers to execute arbitrary code via a series of steps that 1 obtain the database administrator username and encrypted password in a configuration file from the ePO server using a certain request, 2 crack t...

7.2CVSS7.7AI score0.00559EPSS
Exploits0References2
Cvelist
Cvelist
added 2003/08/01 4:0 a.m.25 views

CVE-2003-0148

The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 through 3.0 allows attackers to execute arbitrary code via a series of steps that 1 obtain the database administrator username and encrypted password in a configuration file from the ePO server using a certain request, 2 crack t...

7.7AI score0.00559EPSS
Exploits0References2
securityvulns
securityvulns
added 2003/03/25 12:0 a.m.35 views

Adobe Acrobat Reader plugin trojaning

Because of weak cryptography it's possible to spoof Adobe signature for Acrobat Reader plugins...

2.2AI score
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.62 views

icsa.certified.weak.crypto.txt

Date: Thu, 27 May 1999 00:24:26 -0700 From: Lucky Green To: [email protected] Subject: ICSA certifies weak crypto as secure I am becoming concerned about the apparent lack of professional competence within even well-known segments of the security community. I hope the incident I discovered is ...

7.4AI score
Exploits0
Rows per page
Query Builder