SWITCH-CERT SECURITY ADVISORY
=
Vulnerability: Insecure Implementation of RSA Encryption
Affected Products: jCryption, PEAR Crypt_RSA, PEAR Crypt_RSA2
Advisory Date: 2011-11-30
Advisory Author:Daniel Roethlisberger, SWITCH-CERT
## Introduction
Web
: High
# Author: Daniel Roethlisberger
# Date: 2008-02-25
# CVE Name: CVE-2008-0385
#
#
Introduction
An AJAX based Blind SQL Injection vulnerability exists in
the Web 2.0 CMS framework Urulu [1]. A
# Risk: Medium
# Author: Daniel Roethlisberger
# Date: 2008-01-29
# CVE Name: CVE-2007-6340
#
#
Introduction
LSrunasE [1] and Supercrypt [2] are utilities used to run
commands under a different user
# Subject: Buffer Overflow
# Risk: Medium
# Effect: Locally exploitable
# Author: Daniel Roethlisberger ([EMAIL PROTECTED])
# Date: 2007-03-07
# CVE Name: CVE-2007-0005
#
#
Introduction:
-
The
m to be missing the required trailing space.
Cheers,
Dan
[1] http://online.securityfocus.com/archive/1/203313
--
Daniel Roethlisberger <[EMAIL PROTECTED]>
le format, thus is very ugly
code indeed, and probably unportable (compiles with gcc-2.95.2).
It should illustrate how to decode a PEF file though.
--[ Afterword ]---
If you copy this text or reuse any part of it, please give due
credit (and le