Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusTenable9463.PRM
HistoryAug 05, 2016 - 12:00 a.m.

OpenSSL 1.0.2 < 1.0.2e Multiple Vulnerabilities

2016-08-0500:00:00
Tenable
www.tenable.com
13
JSON

According to its banner, the version of OpenSSL on the remote host is 1.0.2 prior to 1.0.2e and is affected by the following vulnerabilities :

  • A flaw in the ‘ssl3_get_key_exchange()’ function in ‘ssl/s3_clnt.c’ is triggered when handling a ‘ServerKeyExchange’ for an anon DH ciphersuite with the value of ‘p’ set to 0. This may allow a context-dependent attacker to crash an application linked against the library. (CVE-2015-1794)
  • A carry propagating flaw exists within the x86_64 Montgomery squaring procedure. This may cause ‘BN_mod_exp’ to produce incorrect results, which may potentially allow an attacker to derive information regarding private keys. (CVE-2015-3193)
Binary data 9463.prm
VendorProductVersionCPE
opensslopensslcpe:/a:openssl:openssl

Related

openvas 15
ibm 32
nessus 28
prion 4
debiancve 4
symantec 1
slackware 2
freebsd 2
f5 7
archlinux 3
veracode 2
cve 4
ubuntu 1
fortinet 1
cisco 1
ubuntucve 4
openssl 4
hackerone 1
gentoo 1
alpinelinux 2
osv 2
fedora 1
mageia 2
openwrt 1
redhatcve 1
nodejsblog 1
amazon 2
suse 3
apple 2
paloalto 1
packetstorm 1
ics 1
oracle 3
openvas
openvas
OpenSSL Multiple Vulnerabilities -01 (Dec 2015) - Linux
2015-12-18 00:00:00
OpenSSL Multiple Vulnerabilities -01 (Dec 2015) - Windows
2015-12-18 00:00:00
HPE Network Products Remote Denial of Service (DoS), Disclosure of Sensitive Information Vulnerability
2017-02-23 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in SSL affect IBM DataPower Gateways (CVE-2015-3193, CVE-2015-3195, CVE-2015-1794)
2021-06-08 22:18:27
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Flex System FC3171 8Gb SAN Switch & SAN Pass-thru Firmware, QLogic 8Gb Intelligent Pass-thru Module & SAN Switch Module and QLogic Virtual Fabric Extension Module for IBM BladeCenter
2023-04-14 14:32:25
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Sterling B2B Integrator (CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-1794)
2020-02-05 00:53:36
nessus
nessus
OpenSSL 1.0.2 < 1.0.2e Multiple Vulnerabilities
2015-12-07 00:00:00
FreeBSD : openssl -- multiple vulnerabilities (4c8d1d72-9b38-11e5-aece-d050996490d0)
2015-12-07 00:00:00
Cisco AnyConnect Secure Mobility Client < 3.1.13015.0 / 4.2.x < 4.2.1035.0 Multiple OpenSSL Vulnerabilities
2016-01-22 00:00:00
prion
prion
Design/Logic Flaw
2015-12-06 20:59:00
Code injection
2015-12-06 20:59:00
Design/Logic Flaw
2017-05-04 19:29:00
debiancve
debiancve
CVE-2015-1794
2015-12-06 20:59:00
CVE-2015-3193
2015-12-06 20:59:00
CVE-2017-3732
2017-05-04 19:29:00
symantec
symantec
SA105 : OpenSSL Vulnerabilities 3-Dec-2015
2015-12-10 08:00:00
slackware
slackware
[slackware-security] openssl
2015-12-16 06:25:41
[slackware-security] bind
2015-12-16 06:24:47
freebsd
freebsd
openssl -- multiple vulnerabilities
2015-12-03 00:00:00
bind -- multiple vulnerabilities
2015-11-24 00:00:00
f5
f5
K20219314 : OpenSSL vulnerability CVE-2015-1794
2015-12-08 00:00:00
SOL90542710 - OpenSSL vulnerabilities CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, and CVE-2015-1794
2015-12-03 00:00:00
SOL20219314 - OpenSSL vulnerability CVE-2015-1794
2015-12-07 00:00:00
archlinux
archlinux
openssl lib32-openssl: multiple issues
2015-12-05 00:00:00
[ASA-201701-36] lib32-openssl: multiple issues
2017-01-27 00:00:00
[ASA-201701-37] openssl: multiple issues
2017-01-28 00:00:00
veracode
veracode
Denial Of Service (DoS)
2017-02-10 02:44:47
Information Disclosure
2017-02-10 02:30:14
cve
cve
CVE-2015-1794
2015-12-06 20:59:00
CVE-2015-3193
2015-12-06 20:59:00
CVE-2017-3732
2017-05-04 19:29:00
ubuntu
ubuntu
OpenSSL vulnerabilities
2015-12-07 00:00:00
fortinet
fortinet
OpenSSL Advisory - December 2015
2015-12-10 00:00:00
cisco
cisco
Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products
2015-12-04 17:38:00
ubuntucve
ubuntucve
CVE-2015-1794
2015-12-04 00:00:00
CVE-2015-3193
2015-12-03 00:00:00
CVE-2017-3732
2017-01-26 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2015-1794
2015-08-11 00:00:00
Vulnerability in OpenSSL CVE-2015-3193
2015-12-03 00:00:00
Vulnerability in OpenSSL CVE-2017-3732
2017-01-26 00:00:00
hackerone
hackerone
Internet Bug Bounty: BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193)
2016-04-04 11:54:00
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2016-01-29 00:00:00
alpinelinux
alpinelinux
CVE-2017-3732
2017-05-04 19:29:00
CVE-2017-3738
2017-12-07 16:29:00
osv
osv
CVE-2017-3732
2017-05-04 19:29:00
CVE-2017-3738
2017-12-07 16:29:00
fedora
fedora
[SECURITY] Fedora 23 Update: openssl-1.0.2e-1.fc23
2015-12-06 19:20:38
mageia
mageia
Updated openssl packages fix security vulnerability
2015-12-05 13:03:58
Updated openssl packages fix security vulnerabilities
2017-12-17 02:20:04
openwrt
openwrt
bind: Security update (4 CVEs)
2016-01-24 13:33:41
redhatcve
redhatcve
CVE-2017-3738
2019-10-08 22:39:45
nodejsblog
nodejsblog
December Security Release Summary
2015-12-04 00:00:00
amazon
amazon
Medium: openssl
2018-05-10 17:29:00
Medium: openssl
2018-04-26 17:38:00
suse
suse
Security update for openssl (important)
2017-12-16 15:07:17
Security update for openssl (important)
2017-12-16 06:08:45
Security update for openssl (important)
2016-03-02 23:12:04
apple
apple
About the security content of Xcode 8.1
2016-10-27 00:00:00
About the security content of Xcode 8.1 - Apple Support
2017-01-23 05:36:06
paloalto
paloalto
OpenSSL Vulnerabilities
2016-08-15 00:00:00
packetstorm
packetstorm
Orion Elite Hidden IP Browser Pro 7.9 OpenSSL / Tor / Man-In-The-Middle
2017-07-14 00:00:00
ics
ics
Siemens SCALANCE X-200RNA Switch Devices
2022-12-19 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2016
2016-04-19 00:00:00
Oracle Critical Patch Update - July 2016
2016-07-19 00:00:00
Oracle Critical Patch Update - October 2017
2017-10-17 00:00:00
JSON
Related for 9463.PRM
openvas15ibm32nessus28prion4debiancve4symantec1slackware2freebsd2f57archlinux3veracode2cve4ubuntu1fortinet1cisco1ubuntucve4openssl4hackerone1gentoo1alpinelinux2osv2fedora1mageia2openwrt1redhatcve1nodejsblog1amazon2suse3apple2paloalto1packetstorm1ics1oracle3