MiracleLinux 3 : openssl097a-0.9.7a-9.AXS3.2 (AXSA:2010-157:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2010-157:01 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which...

RHEL 5 : httpd and httpd22 (RHSA-2010:0011)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0011 advisory. - httpd: NULL pointer defer in modproxyftp caused by crafted EPSV and PASV reply CVE-2009-3094 - httpd: modproxyftp FTP command injection vi...

Debian: Security Advisory (DSA-2141-2)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-400-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1934-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

K10737: SSL Renegotiation vulnerability - CVE-2009-3555 / VU#120541

Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this article have not been evaluated for...

SSL/TLS: Renegotiation MITM Vulnerability (CVE-2009-3555)

The remote SSL/TLS service is prone to a man-in-the-middle MITM vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

nginx 0.1.0 - 0.7.63 / 0.8.x - 0.8.22 SSL Protocol Renegotiation Vulnerability

nginx is prone to a renegotiation vulnerability in the SSL protocol. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Security Bulletin: Multiple vulnerabilities have been identified in IBM Tivoli Netcool/OMNIbus Probe for Network Node Manager i (CVE-2009-3555)

Summary Information about security vulnerabilities affecting IBM Tivoli Netcool/OMNIbus Probe for Network Node Manager i is published in the details below. Vulnerability Details CVEID: CVE-2009-3555 DESCRIPTION: Multiple implementations of the Transport Layer Security TLS protocol, including SSL,...

Solaris 10 (sparc) : 145102-01

SunOS 5.10: wanboot patch. Date this patch was last updated by Sun : Jun/18/10 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Solaris 10 (x86) : 125438-22

Oracle iPlanet Web Server 7.0.12 Solarisx86: Update Release patch. Date this patch was last updated by Sun : Aug/26/11 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...

Solaris 10 (sparc) : 128640-30

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Web Container. Supported versions that are affected are 9.2.4, 10.0.2, 10.3.5, 10.3.6 and 12.1.1. Easily exploitable vulnerability allows successful unauthenticated network attacks via HTTP. Successful...

nginx < 0.7.64 / 0.8.x < 0.8.23 Multiple Vulnerabilities

According to the self-reported version in its response header, the version of nginx hosted on the remote web server is less than 0.7.64 or 0.8.x prior to 0.8.23. It is, therefore, affected by multiple vulnerabilities as noted in the vendor advisory. %NASLMINLEVEL 70300 C Tenable Network Security,...

Fortinet FortiOS < 5.2 / 5.4.x < 5.4.6 / 5.6.x < 5.6.1 SSL / TLS Renegotiation Handshakes MitM Plaintext Data Injection (FG-IR-17-137)

The version of Fortinet FortiOS running on the remote device is 5.2.x or prior, 5.4.x prior to 5.4.6, or 5.6.x prior to 5.6.1. It is, therefore, affected by a MITM vulnerability in SSL Deep-Inspection due to insecure TLS renegotiation. C Tenable Network Security, Inc. include"compat.inc"; if...

FortiOS SSL Deep-Inspection possible Insecure Renegotiation

FortiOS SSL Deep-Inspection may enable insecure renegotiation between TLS clients and servers that support secure renegotiation, opening the door to potential Man-in-the-Middle attacks CVE-2009-3555 against the TLS connection, where an attacker could inject arbitrary data in the connection withou...

[SECURITY] [DLA 400-1] pound security update

Package : pound Version : 2.6-1+deb6u1 CVE ID : CVE-2009-3555 CVE-2011-3389 CVE-2012-4929 CVE-2014-3566 This update fixes certain known vulnerabilities in pound in squeeze-lts by backporting the version in wheezy. CVE-2009-3555 The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as...

Oracle: Security Advisory (ELSA-2009-1579)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2010-0165)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2010-0164)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 201406-32

Gentoo Linux Local Security Checks GLSA 201406-32 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...