CVE-2006-1117

CVE-2006-1117 concerns nCipher firmware before v10 (used by nShield, nForce, netHSM, payShield, SecureDB, DSE200, TSMC, and possibly others). The issue arises from options meant for testing, not production, which might allow remote attackers to obtain encryption keys and crack them with less effo...

CVE-2006-1116

The CVE-2006-1116 issue affects the nCipher nCore API prior to version 2.18, where the CBC-MAC integrity functions transmit the initialization vector (IV) as part of a message when the IV is non-zero. This can allow remote attackers to bypass integrity checks and modify messages without detection...