Lucene search
K

32 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2017-2626

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using...

5.5CVSS6.2AI score0.00464EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.21 views

RHEL 6 : libice (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libICE: weak entropy usage in session keys CVE-2017-2626 Note that Nessus has not tested for this issue but has...

5.5CVSS7.3AI score0.00464EPSS
Exploits2References1
OSV
OSV
added 2023/08/31 12:14 p.m.3 views

BELL-CVE-2017-2626 CVE-2017-2626 does not affect BellSoft software

Bulletin has no description...

5.5CVSS5.8AI score0.00464EPSS
Exploits2References1
Cloud Foundry
Cloud Foundry
added 2022/12/07 12:0 a.m.26 views

USN-5744-1: libICE vulnerability | Cloud Foundry

Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that libICE was using a weak mechanism to generate the session cookies. A local attacker could possibly use this issue to perform a privilege escalation attack. Updat...

5.5CVSS5.7AI score0.00464EPSS
Exploits2Affected Software2
OpenVAS
OpenVAS
added 2022/11/29 12:0 a.m.16 views

Ubuntu: Security Advisory (USN-5744-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.9AI score0.00464EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2022/11/28 12:0 a.m.38 views

Ubuntu 16.04 ESM / 18.04 LTS : libICE vulnerability (USN-5744-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5744-1 advisory. It was discovered that libICE was using a weak mechanism to generate the session cookies. A local attacker could possibly use this issue to perform a...

5.5CVSS6.4AI score0.00464EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2017-0307)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.9AI score0.00464EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.18 views

SUSE: Security Advisory (SUSE-SU-2017:1835-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.9AI score0.00464EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.16 views

SUSE: Security Advisory (SUSE-SU-2018:0337-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.9AI score0.00464EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2020/09/29 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for libICE (EulerOS-SA-2020-1992)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.9AI score0.00464EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2020/09/29 12:0 a.m.34 views

EulerOS Virtualization for ARM 64 3.0.6.0 : libICE (EulerOS-SA-2020-1992)

According to the version of the libICE package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - It was discovered that libICE used a weak entropy to generate keys. A local attacker could potentially use this flaw for...

5.5CVSS6.2AI score0.00464EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.21 views

Huawei EulerOS: Security Advisory for libXpm, libXdmcp, libICE (EulerOS-SA-2017-1212)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.3AI score0.07528EPSS
Exploits3References2
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 2:25 a.m.29 views

Security Bulletin: Vulnerability in X.Org libICE affects IBM Chassis Management Module (CVE-2017-2626)

Summary IBM Chassis Management Module has addressed the following vulnerability in X.Org libICE. Vulnerability Details Summary IBM Chassis Management Module has addressed the following vulnerability in X.Org libICE. Vulnerability Details: CVEID: CVE-2017-2626 Description: X.Org libICE could allow...

5.5CVSS0.4AI score0.00464EPSS
Exploits2
OSV
OSV
added 2018/07/27 7:29 p.m.27 views

CVE-2017-2626

It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list...

5.5CVSS2AI score0.00464EPSS
Exploits2References9
UbuntuCve
UbuntuCve
added 2018/07/27 7:29 p.m.23 views

CVE-2017-2626

It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list...

5.5CVSS6.4AI score0.00464EPSS
Exploits2References5
CVE
CVE
added 2018/07/27 7:0 p.m.218 views

CVE-2017-2626

Summary: CVE-2017-2626 affects X.Org libICE, where libICE before 1.0.9-8 uses weak entropy to generate session keys. This could enable a local attacker to hijack a session by observing data from the process list. Affected versions (from sources): libICE up to 1.0.9-8 (X.Org libICE). Some advisori...

5.5CVSS5.3AI score0.00464EPSS
Exploits2References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/02/02 12:0 a.m.33 views

SUSE SLED12 / SLES12 Security Update : libICE (SUSE-SU-2018:0337-1)

This update for libICE fixes the following issues : - CVE-2017-2626: Creation of the ICE auth session cookies used insufficient randomness, making these cookies predictable. A more random generation method has been implemented. boo1025068 Note that Tenable Network Security has extracted the...

5.5CVSS6.3AI score0.00464EPSS
Exploits2References4
OSV
OSV
added 2018/02/01 11:39 a.m.9 views

SUSE-SU-2018:0337-1 Security update for libICE

This update for libICE fixes the following issues: - CVE-2017-2626: Creation of the ICE auth session cookies used insufficient randomness, making these cookies predictable. A more random generation method has been implemented. boo1025068...

5.5CVSS5.8AI score0.00464EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2017/09/11 12:0 a.m.30 views

EulerOS 2.0 SP1 : libXpm, libXdmcp, libICE (EulerOS-SA-2017-1211)

According to the versions of the libXpm, libXdmcp, libICE packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow flaw leading to a heap-based buffer overflow was found in libXpm. An attacker could use this flaw to crash...

9.8CVSS6.6AI score0.07528EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2017/09/11 12:0 a.m.38 views

EulerOS 2.0 SP2 : libXpm, libXdmcp, libICE (EulerOS-SA-2017-1212)

According to the versions of the libXpm, libXdmcp, libICE packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow flaw leading to a heap-based buffer overflow was found in libXpm. An attacker could use this flaw to crash...

9.8CVSS6.6AI score0.07528EPSS
Exploits3References4
Rows per page
Query Builder