8 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-5814
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection...
Azure Linux 3.0 Security Update: mariadb (CVE-2024-5814)
The version of mariadb installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-5814 advisory. - A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it d...
CBL Mariner 2.0 Security Update: mariadb (CVE-2024-5814)
The version of mariadb installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-5814 advisory. - A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it d...
Slackware: Security Advisory (SSA:2024-253-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[slackware-security] netatalk
New netatalk packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/netatalk-3.2.8-i586-1slack15.0.txz: Upgraded. Bump bundled WolfSSL library to stable version 5.7.2, GitHub 1433. For more informatio...
Slackware Linux 15.0 / current netatalk Multiple Vulnerabilities (SSA:2024-253-01)
The version of netatalk installed on the remote host is prior to 3.2.8. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-253-01 advisory. New netatalk packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the...
SUSE CVE-2024-5814
A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello...
CVE-2024-5814 Unverifed Ciphersuite used on a client-side TLS1.3 Downgrade
A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello...