Vulnerabilities > Cryptographic Issues

DATE CVE VULNERABILITY TITLE RISK
2008-03-20 CVE-2008-1431 Cryptographic Issues vulnerability in RaidSonic Technology Firmware 2.6.0N
RaidSonic NAS-4220-B with 2.6.0-n(2007-10-11) firmware stores a partition encryption key in an unencrypted /system/.crypt file with base64 encoding, which allows local users to obtain the key.
local
low complexity
raidsonic-technology CWE-310
2.1
2008-03-18 CVE-2008-1383 Cryptographic Issues vulnerability in Gentoo Linux
The docert function in ssl-cert.eclass, when used by src_compile or src_install on Gentoo Linux, stores the SSL key in a binpkg, which allows local users to extract the key from the binpkg, and causes multiple systems that use this binpkg to have the same SSL key and certificate.
local
gentoo CWE-310
1.9
2008-03-10 CVE-2008-1263 Cryptographic Issues vulnerability in Linksys WRT54G
The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI.
network
low complexity
linksys CWE-310
4.0
2008-02-13 CVE-2008-0759 Cryptographic Issues vulnerability in Group Logic ExtremeZ-IP File Server and ExtremeZ-IP Print Server
ExtremeZ-IP.exe in ExtremeZ-IP File and Print Server 5.1.2x15 and earlier allows remote attackers to cause a denial of service (daemon crash) via an invalid UAM field in a request to the Apple Filing Protocol (AFP) service on TCP port 548.
network
low complexity
group-logic CWE-310
5.0
2008-01-04 CVE-2007-6635 Cryptographic Issues vulnerability in Netbizcity FAQMasterFlexPlus
FAQMasterFlexPlus, possibly 1.5 or 1.52, stores the admin password in cleartext in a database, which might allow context-dependent attackers to obtain the password via unspecified database access.
network
low complexity
netbizcity CWE-310
6.4
2007-12-24 CVE-2007-6521 Cryptographic Issues vulnerability in Opera Browser
Unspecified vulnerability in Opera before 9.25 allows remote attackers to execute arbitrary code via crafted TLS certificates.
network
low complexity
opera CWE-310
critical
10.0
2007-12-19 CVE-2007-5863 Cryptographic Issues vulnerability in Apple Mac OS X and Mac OS X Server
Software Update in Apple Mac OS X 10.5.1 allows remote attackers to execute arbitrary commands via a man-in-the-middle (MITM) attack between the client and the server, using a modified distribution definition file with the "allow-external-scripts" option.
network
apple CWE-310
critical
9.3
2007-12-01 CVE-2007-5502 Cryptographic Issues vulnerability in OpenSSL FIPS Object Module 1.1.1
The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes it easier for attackers to bypass protection mechanisms that rely on the randomness.
network
low complexity
openssl CWE-310
6.4
2007-11-30 CVE-2007-6192 Cryptographic Issues vulnerability in Citrix NetScaler 8.0
The web management interface in Citrix NetScaler 8.0 build 47.8 uses weak encryption (XOR of unpadded data) to store credentials within a cookie, which makes it easier for remote attackers to obtain cleartext credentials when a cookie is captured via a known-plaintext attack.
network
citrix CWE-310
4.3
2007-10-11 CVE-2007-5373 Cryptographic Issues vulnerability in ldapscripts 1.4/1.7
ldapscripts 1.4 and 1.7 sends a password as a command line argument when calling some LDAP programs, which might allow local users to read the password by listing the process and its arguments, as demonstrated by a call to ldappasswd in the _changepassword function.
local
low complexity
ldapscripts CWE-310
2.1