The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the “FREAK” issue, a different vulnerability than CVE-2015-0204.

References

www.mono-project.com/news/2015/03/07/mono-tls-vulnerability/

www.openwall.com/lists/oss-security/2015/03/17/9

www.securityfocus.com/bid/73250

www.ubuntu.com/usn/USN-2547-1

bugzilla.redhat.com/show_bug.cgi?id=1202869

github.com/mono/mono/commit/9c38772f094168d8bfd5bc73bf8925cd04faad10

mitls.org/pages/attacks/SMACK

www.debian.org/security/2015/dsa-3202

debiancve 2

ubuntucve 2

nvd 6

cvelist 6

cve 6

cisa 1

cisco 1

f5 4

openvas 28

ibm 70

hackerone 1

fortinet 1

openssl 1

checkpoint_security 1

nessus 43

cert 1

prion 5

veracode 1

thn 2

checkpoint_advisories 2

debian 4

securityvulns 2

osv 3

mageia 1

ubuntu 1

kitploit 1

oraclelinux 1

centos 1

redhat 1

debiancve

CVE-2015-2319

2018-01-08 19:29:00

CVE-2015-0204

2015-01-09 02:59:10

ubuntucve

CVE-2015-2319

2015-03-18 00:00:00

CVE-2015-0204

2015-01-08 00:00:00

nvd

CVE-2015-2319

2018-01-08 19:29:00

CVE-2015-0204

2015-01-09 02:59:10

CVE-2015-0138

2015-03-25 01:59:17

cvelist

CVE-2015-2319

2018-01-08 19:00:00

CVE-2015-0204

2015-01-09 02:00:00

CVE-2015-0535

2015-08-20 10:00:00

cve

CVE-2015-2319

2018-01-08 19:29:00

CVE-2015-0204

2015-01-09 02:59:10

CVE-2015-0138

2015-03-25 01:59:17

cisa

FREAK

2015-03-06 00:00:00

cisco

OpenSSL RSA Temporary Key Cryptographic Downgrade Vulnerability

2015-01-13 19:57:19

K16139 : OpenSSL vulnerability CVE-2015-0204

2015-10-02 00:00:00

SOL16139 - OpenSSL vulnerability CVE-2015-0204

2015-02-12 00:00:00

SOL16903 - Microsoft Schannel vulnerability CVE-2015-1637

2015-07-13 00:00:00

openvas

DTLS: Deprecated DTLSv1.0 Detection

2024-01-09 00:00:00

SSL/TLS: RSA Temporary Key Handling 'RSA_EXPORT' Downgrade Issue (FREAK)

2015-03-06 00:00:00

OpenSSL Information Disclosure Vulnerability (20150319 - 4) - Linux

2021-07-29 00:00:00

ibm

Security Bulletin: OpenSSL vulnerabilities for Rational Automation Framework Security Advisory (CVE-2015-0204)

2018-06-17 05:01:24

Security Bulletin: Vulnerability in OpenSSL affects IBM XIV Storage System Gen3 and Gen2 (CVE-2015-0204)

2018-06-18 00:09:22

Security Bulletin: Vulnerability in OpenSSL affects IBM® DB2® LUW (CVE-2015-0204)

2018-06-16 13:36:41

hackerone

Internet Bug Bounty: FREAK: Factoring RSA_EXPORT Keys to Impersonate TLS Servers

2015-03-05 16:18:06

fortinet

TLS FREAK Attack

2015-03-04 00:00:00

openssl

Vulnerability in OpenSSL CVE-2015-0204

2015-01-06 00:00:00

checkpoint_security

Check Point response to TLS FREAK Attack (CVE-2015-0204)

2015-03-03 22:00:00

nessus

Xerox WorkCentre 6400 OpenSSL RSA Temporary Key Handling EXPORT_RSA Ciphers Downgrade MitM (XRX15AP) (FREAK)

2015-12-11 00:00:00

F5 Networks BIG-IP : OpenSSL vulnerability (SOL16139) (FREAK)

2015-10-05 00:00:00

Opera < 28.0.1750.40 SSL/TLS EXPORT_RSA Ciphers Downgrade MitM (Mac OS X) (FREAK)

2015-03-17 00:00:00

cert

SSL/TLS implementations accept export-grade RSA keys (FREAK attack)

2015-03-06 00:00:00

prion

Code injection

2015-01-09 02:59:00

Design/Logic Flaw

2015-03-25 01:59:00

Design/Logic Flaw

2015-08-20 10:59:00

veracode

Brute Force Decryption

2017-02-10 01:27:34

thn

'FREAK' — New SSL/TLS Vulnerability Explained

2015-03-03 20:30:00

OpenSSL to Patch Undisclosed High Severity Vulnerability this Thursday

2015-07-06 22:12:00

checkpoint_advisories

SSL Export Cipher Suite (CVE-2015-0204; CVE-2015-1637)

2015-03-04 00:00:00

OpenSSL TLS Export Cipher Suite Downgrade (CVE-2015-0204; CVE-2015-1637)

2015-03-04 00:00:00

debian

[SECURITY] [DLA 176-1] mono security update

2015-03-19 12:40:55

[SECURITY] [DSA 3202-1] mono security update

2015-03-22 16:33:03

[SECURITY] [DSA 3202-1] mono security update

2015-03-22 16:33:03

securityvulns

mono security vulnerabilities

2015-05-11 00:00:00

[SECURITY] [DSA 3202-1] mono security update

2015-05-11 00:00:00

osv

mono - security update

2015-03-19 00:00:00

mono - security update

2015-03-22 00:00:00

openssl - security update

2015-01-11 00:00:00

mageia

Updated mono packages fix security vulnerabilities

2015-04-15 19:07:57

ubuntu

Mono vulnerabilities

2015-03-24 00:00:00

kitploit

A2SV - Auto Scanning to SSL Vulnerability

2016-08-06 14:46:00

oraclelinux

openssl security update

2015-02-26 00:00:00

centos

openssl security update

2015-01-20 21:00:39

redhat

(RHSA-2015:0066) Moderate: openssl security update

2015-01-20 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

AI Score

6.9

Confidence

Low

EPSS

0.948

Percentile

99.3%

JSON

Related for PRION:CVE-2015-2319