33 matches found
Astra Linux - vulnerability in nss
A flaw was discovered in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, resulting in a denial of service for servers compiled with the NSS library. The greatest threat posed by this vulnerability is related to system...
MiracleLinux 4 : openssl098e-0.9.8e-18.AXS4.2 (AXSA:2014-380:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-380:01 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which...
MiracleLinux 3 : openssl097a-0.9.7a-12.AXS3.1 (AXSA:2014-382:01)
The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-382:01 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which...
EUVD-2017-16275
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-12457
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - An issue was discovered in wolfSSL before 4.5.0. It mishandles the change_cipher_spec (CCS) message processing logic for TLS 1.3. If an attacker sends...
PT-2024-11019 · Unknown · Contiki-Ng
Name of the Vulnerable Software and Affected Versions: Contiki-NG tinyDTLS versions through 2018-08-30. Description: An issue was discovered where one incorrect handshake could complete with different epoch numbers in the packets (Client Hello, Client key exchange, and Change cipher spec), which may...
SUSE CVE-2009-1386
ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello...
SUSE CVE-2020-25648
A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This fla...
nss: TLS 1.3 CCS flood remote DoS Attack
A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability...
OESA-2021-1116 nss security update
Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security...
Mozilla NSS Denial of Service Vulnerability
NSS is an underlying cryptography library from the Mozilla Foundation. The library supports a variety of cryptographic algorithms and the TLS implementation of the Firefox browser is based on this library. A denial of service vulnerability exists in NSS versions prior to 3.58. The vulnerability...
Vulnerability fixed in NSS
A vulnerability has been fixed in NSS. The vulnerability allows a remote malicious party to perform a denial-of-service attack on servers compiled with the NSS library by sending multiple ChangeCipherSpec messages. Mozilla has released updates to fix the vulnerability...
DEBIAN-CVE-2020-25648
A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This fla...
DEBIAN-CVE-2020-12457
An issue was discovered in wolfSSL before 4.5.0. It mishandles the change_cipher_spec (CCS) message processing logic for TLS 1.3. If an attacker sends ChangeCipherSpec messages in a crafted way involving more than one in a row, the server becomes stuck in the ProcessReply() loop, i.e., a denial of...
Improper Input Validation
Overview: Affected versions of this package are vulnerable to Improper Input Validation. An issue was discovered in wolfSSL before 4.5.0. It mishandles the change_cipher_spec (CCS) message processing logic for TLS 1.3. If an attacker sends ChangeCipherSpec messages in a crafted way involving more than...
UBUNTU-CVE-2020-12457
An issue was discovered in wolfSSL before 4.5.0. It mishandles the change_cipher_spec (CCS) message processing logic for TLS 1.3. If an attacker sends ChangeCipherSpec messages in a crafted way involving more than one in a row, the server becomes stuck in the ProcessReply() loop, i.e., a denial of...
CVE-2014-8176
The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive between a ChangeCipherSpec message and a Finished message, which allows remote DTLS peers to cause a deni...
OpenJDK: incorrect tracking of ChangeCipherSpec during SSL/TLS handshake (JSSE, 8057555)
It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption...