Lucene search
K

113 matches found

Tenable Nessus
Tenable Nessus
added 2016/05/04 12:0 a.m.48 views

Amazon Linux AMI : openssl (ALAS-2016-695)

A vulnerability was discovered that allows a man-in-the-middle attacker to use a padding oracle attack to decrypt traffic on a connection using an AES CBC cipher with a server supporting AES-NI. CVE-2016-2107 , Important It was discovered that the ASN.1 parser can misinterpret a large universal t...

10CVSS7.7AI score0.89058EPSS
Exploits7References6
OpenSSL
OpenSSL
added 2016/05/03 12:0 a.m.195 views

Vulnerability in OpenSSL - Memory corruption in the ASN.1 encoder

This issue affected versions of OpenSSL prior to April 2015. The bug causing the vulnerability was fixed on April 18th 2015, and released as part of the June 11th 2015 security releases. The security impact of the bug was not known at the time. In previous versions of OpenSSL, ASN.1 encoding the...

7.7AI score0.77906EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2015/12/13 12:0 a.m.4 views

Apple OS X ASN.1 Parser Memory Corruption Vulnerability (CNVD-2015-08144)

Apple OS X is an operating system developed by Apple Inc. A security vulnerability in the handling of special certificates by the Apple OS X ASN.1 resolver allows attackers to conduct denial of service attacks or execute arbitrary code by submitting a certificate request...

6.8CVSS9.4AI score0.02236EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2015/10/30 10:15 a.m.23 views

CVE-2005-1730

Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in Novell iManager 2.0.2, allows remote attackers to cause a denial of service NULL pointer dereference via crafted packets, as demonstrated by "OpenSSL ASN.1 brute forcer." NOTE: this issue might overlap CVE-2004-0079, CVE-2004-0081, ...

10CVSS7.7AI score0.85449EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.41 views

openSUSE Security Update : openssl (openSUSE-SU-2012:0414-1)

Specially crafted MIME headers could crash openssl's ASN.1 parser %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-174. The text description of this plugin is C SUSE LLC...

5CVSS8.7AI score0.06989EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/05/06 12:0 a.m.49 views

Debian DSA-2922-1 : strongswan - security update

A vulnerability has been found in the ASN.1 parser of strongSwan, an IKE/IPsec suite used to establish IPsec protected links. By sending a crafted IDDERASN1DN ID payload to a vulnerable pluto or charon daemon, a malicious remote user can provoke a NULL pointer dereference in the daemon parsing th...

5CVSS5.4AI score0.02514EPSS
Exploits0References4
OSV
OSV
added 2014/05/05 12:0 a.m.24 views

DSA-2922-1 strongswan - security update

Bulletin has no description...

5CVSS6AI score0.02514EPSS
Exploits0
OpenVAS
OpenVAS
added 2014/05/05 12:0 a.m.36 views

Debian Security Advisory DSA 2922-1 (strongswan - security update)

A vulnerability has been found in the ASN.1 parser of strongSwan, an IKE/IPsec suite used to establish IPsec protected links. By sending a crafted IDDERASN1DN ID payload to a vulnerable pluto or charon daemon, a malicious remote user can provoke a null pointer dereference in the daemon parsing th...

5CVSS6.3AI score0.02514EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2014/05/04 12:0 a.m.27 views

Debian: Security Advisory (DSA-2922-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.5AI score0.02514EPSS
Exploits0References3
Debian
Debian
added 2013/11/01 12:19 p.m.23 views

[SECURITY] [DSA 2789-1] strongswan security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2789-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez November 01, 2013 http://www.debian.org/security/faq -...

5CVSS6AI score0.02448EPSS
Exploits0
OSV
OSV
added 2013/11/01 12:0 a.m.18 views

DSA-2789-1 strongswan - Denial of service and authorization bypass

Bulletin has no description...

5CVSS6.3AI score0.02448EPSS
Exploits0
OpenVAS
OpenVAS
added 2013/11/01 12:0 a.m.27 views

Debian Security Advisory DSA 2789-1 (strongswan - Denial of service and authorization bypass)

A vulnerability has been found in the ASN.1 parser of strongSwan, an IKE daemon used to establish IPsec protected links. By sending a crafted IDDERASN1DN ID payload to a vulnerable pluto or charon daemon, a malicious remote user can provoke a denial of service daemon crash or an authorization...

5CVSS0.4AI score0.02448EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2013/10/31 12:0 a.m.22 views

Debian: Security Advisory (DSA-2789-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.7AI score0.02448EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2010/10/11 12:0 a.m.20 views

SuSE 10 Security Update : strongswan (ZYPP Patch Number 6529)

The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. CVE-2009-2661 This could lead to crashes of the pluto IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...

5CVSS5.4AI score0.01577EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2009/10/06 12:0 a.m.17 views

openSUSE 10 Security Update : openswan (openswan-6481)

The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. CVE-2009-2661 This could lead to crashes of the pluto IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Securit...

5CVSS5.4AI score0.01577EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.27 views

SuSE 11 Security Update : openswan (SAT Patch Number 1296)

The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. CVE-2009-2661 This could lead to crashes of the pluto IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update...

5CVSS5.4AI score0.01577EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.25 views

SuSE 11 Security Update : strongswan (SAT Patch Number 1042)

Two vulnerabilities in the strongswan ASN.1 parser when handling RDNs, UTCTIME and GENERALIZEDTIME strings could lead to remote crashes of the pluto daemon. CVE-2009-2185 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fro...

5CVSS5.5AI score0.02372EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.19 views

SuSE 10 Security Update : openswan (ZYPP Patch Number 6478)

The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. CVE-2009-2661 This could lead to crashes of the pluto IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...

5CVSS5.4AI score0.01577EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.14 views

SuSE 11 Security Update : strongswan (SAT Patch Number 1283)

The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. CVE-2009-2661 This could lead to crashes of the pluto IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update...

5CVSS5.4AI score0.01577EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.26 views

SuSE 11 Security Update : Kerberos (SAT Patch Number 738)

Clients sending negotiation requests with invalid flags could crash the kerberos server. CVE-2009-0845 GSS-API clients could crash when reading from an invalid address space. CVE-2009-0844 Invalid length checks could crash applications using the kerberos ASN.1 parser. CVE-2009-0847 Under certain...

10CVSS7.7AI score0.08898EPSS
Exploits3References11
Rows per page
Query Builder