|
278281
|
- |
|
ntp
|
ntp
|
util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
|
NVD-CWE-Other
|
CVE-2014-9294
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278282
|
- |
|
ntp
|
ntp
|
The config_auth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection …
|
NVD-CWE-Other
|
CVE-2014-9293
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278283
|
- |
|
innominate
|
mguard_firmware
|
Innominate mGuard with firmware before 7.6.6 and 8.x before 8.1.4 allows remote authenticated admins to obtain root privileges by changing a PPP configuration setting.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-9193
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278284
|
- |
|
ekahau
|
activator
real-time_location_system_controller
b4_staff_badge_tag_firmware
b4_staff_badge_tag
|
Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System (RTLS) Controller 6.0.5-FINAL, and Activator 3 uses part of the MAC address as part of the RC4 setup key, which makes it …
|
CWE-200
Information Exposure
|
CVE-2014-9408
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278285
|
- |
|
revive-adserver
|
revive_adserver
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Revive Adserver before 3.0.5 allow remote attackers to hijack the authentication of administrators for requests that (1) delete data via …
|
CWE-352
Origin Validation Error
|
CVE-2014-9407
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278286
|
- |
|
znc
|
znc
|
The CWebAdminMod::ChanPage function in modules/webadmin.cpp in ZNC before 1.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by adding a channel w…
|
NVD-CWE-Other
|
CVE-2014-9403
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278287
|
- |
|
ettercap-project
|
ettercap
|
Integer signedness error in the dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service (crash) via a crafted password, which triggers a l…
|
CWE-189
Numeric Errors
|
CVE-2014-9381
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278288
|
- |
|
ettercap-project
|
ettercap
|
The dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a packet containing only a CVS_LOGIN signature.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9380
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278289
|
- |
|
ettercap-project
|
ettercap
|
The radius_get_attribute function in dissectors/ec_radius.c in Ettercap 0.8.1 performs an incorrect cast, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitr…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9379
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278290
|
- |
|
ettercap-project
|
ettercap
|
Ettercap 0.8.1 does not validate certain return values, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted (1) name to the parse_line …
|
CWE-20
Improper Input Validation
|
CVE-2014-9378
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
