Showing 1 - 2 of 2

Files Date: 2016-07-24

Debian Security Advisory 3626-1: Posted Jul 24, 2016; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3626-1 - Eddie Harari reported that the OpenSSH SSH daemon allows user enumeration through timing differences when trying to authenticate users. When sshd tries to authenticate a non-existing user, it will pick up a fixed fake password structure with a hash based on the Blowfish algorithm. If real users passwords are hashed using SHA256/SHA512, then a remote attacker can take advantage of this flaw by sending large passwords, receiving shorter response times from the server for non-existing users.; tags | advisory, remote; systems | linux, debian; advisories | CVE-2016-6210; SHA-256 | 2f863fa4086db0a31226d56604fd7475efd80aac9d83230c52c988d3925ce6d0; Download | Favorite | View

Joomla Huge IT Gallery 1.1.5 Cross Site Scripting / SQL Injection: Posted Jul 24, 2016; Authored by Larry W. Cashdollar, Elitza Neytcheva; Joomla Huge IT Gallery component version 1.1.5 suffers from cross site scripting and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection; advisories | CVE-2016-1000113; SHA-256 | 120e40124b2650bf6bce6e60a521c443d54b15ebf39bb3e4eefcfa1bddb21b44; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days