[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249461

 
 

909

 
 

195508

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 9687 Download | Alert*

A vulnerability was discovered and fixed in php-suhosin: crypt_blowfish before 1.1, as used in suhosin does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash . The updated packages have been patched to correct this issue.

Multiple vulnerabilities was discovered and fixed in glibc: Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library , including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object in a subdirectory of the current working directory during exe ...

Multiple vulnerabilities has been identified and fixed in php: Use-after-free vulnerability in the substr_replace function in PHP 5.3.6 and earlier allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact by using the same variable for multiple arguments . The ZipArchive::addGlob and ZipArchive::addPattern functions in ext/zip/php_zip.c in PHP 5. ...

The host is installed with Apple Mac OS X 10.6.8 or 10.7.x before 10.7.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle passwords with 8-bit characters. Successful exploitation could allow attackers to obtain sensitive information.

The host is missing a critical security update according to Apple advisory, APPLE-SA-2012-02-01-1. The update is required to fix multiple vulnerabilities. The flaws are present in the applications which fail to sanitize user supplied input. Successful exploitation could allow attackers to execute arbitrary code, disclose sensitive information or crash the service.

The implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters . Affected passwords are potentially faster to crack via brute force methods CVE-2011-2483. SUSE"s crypt implementation supports the blowfish password hashing function and system logins by default also use this method. This update eliminates the bug in the $2a implementation ...

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A signedness issue was found in the way the PHP crypt function handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII character had no effect on the hash result, thus shortening the effective password length. This made brute-force guessing more ...

PostgreSQL is an advanced object-relational database management system . A signedness issue was found in the way the crypt function in the PostgreSQL pgcrypto module handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII character had no effect on the hash result, thus shortening the effective password length. This made brute-fo ...

PostgreSQL is an advanced object-relational database management system . A signedness issue was found in the way the crypt function in the PostgreSQL pgcrypto module handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII character had no effect on the hash result, thus shortening the effective password length. This made brute-fo ...

Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2011-1938 The UNIX socket handling allowed attackers to trigger a buffer overflow via a long path name. CVE-2011-2483 The crypt_blowfish function did not properly handle 8-bit characters, which made it easier for attackers to determi ...


Pages:      Start    632    633    634    635    636    637    638    639    640    641    642    643    644    645    ..   968

© SecPod Technologies