9 matches found
CVE-2026-1677 net: TLS 1.2 connections allowed on TLS 1.3 sockets
Zephyr sockets created with IPPROTOTLS13 can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level protocol selection is not propagated to mbedTLS e.g. via mbedtlssslconfmintlsversion. The ClientHello advertises both versions and the peer can...
EUVD-2004-0883
Malware in sbrugna...
SUSE CVE-2004-0885
The modssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration...
Design/Logic Flaw
In Novell eDirectory before 9.0.3.1 the LDAP interface was not strictly enforcing cipher restrictions allowing weaker ciphers to be used during SSL BIND operations...
CVE-2017-9267
In Novell eDirectory before 9.0.3.1 the LDAP interface was not strictly enforcing cipher restrictions allowing weaker ciphers to be used during SSL BIND operations...
CVE-2017-9267
CVE-2017-9267 affects Micro Focus/Novell eDirectory before 9.0.3.1, where the LDAP interface does not enforce cipher restrictions, allowing weaker ciphers to be used during SSL BIND. CNVD-2018-06606 confirms the issue stems from password restrictions in the LDAP interface and notes the vulnerable...
CVE-2017-9267 eDirectory LDAP peer certificate validation issue
In Novell eDirectory before 9.0.3.1 the LDAP interface was not strictly enforcing cipher restrictions allowing weaker ciphers to be used during SSL BIND operations...
mod_ssl SSLCipherSuite bypass
The modssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration...
DEBIAN-CVE-2004-0885
The modssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration...