Lucene search
+L

916 matches found

redhat
redhat
added 2006/09/28 11:46 p.m.7 views

openssl get_shared_ciphers overflow

Buffer overflow in the SSLgetsharedciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers...

10CVSS7AI score0.48575EPSS
Exploits1References4
osv
osv
added 2006/09/28 6:7 p.m.1 views

DEBIAN-CVE-2006-3738

Buffer overflow in the SSLgetsharedciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers...

10CVSS7.6AI score0.48575EPSS
Exploits1References1
cvelist
cvelist
added 2006/09/28 6:0 p.m.23 views

CVE-2006-3738

Buffer overflow in the SSLgetsharedciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers...

6.5AI score0.48575EPSS
Exploits1References125
cert
cert
added 2006/09/28 12:0 a.m.93 views

OpenSSL SSL_get_shared_ciphers() vulnerable to buffer overflow

Overview A buffer overflow vulnerability in an OpenSSL library function could allow a remote attacker to execute code on an affected system. Description The OpenSSL toolkit implements the Secure Sockets Layer SSL versions 2 and 3 and Transport Layer Security TLS version 1 protocols as well as a...

4CVSS8.1AI score0.02145EPSS
Exploits0References33
ptsecurity
ptsecurity
added 2006/04/27 12:0 a.m.5 views

PT-2006-7520 · Apache · Apache Tomcat

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 4.1.28 through 4.1.31 Apache Tomcat versions 5.0.0 through 5.0.30 Apache Tomcat versions 5.5.0 through 5.5.17 Description: The default SSL cipher configuration uses certain insecure ciphers, including the anonymous...

2.6CVSS6.1AI score0.18254EPSS
Exploits0References27
osv
osv
added 2006/02/25 11:2 a.m.3 views

DEBIAN-CVE-2006-0898

Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector IV of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...

2.6CVSS6.9AI score0.01397EPSS
Exploits0References1
f5
f5
added 2005/07/20 12:0 a.m.35 views

SOL4944 - SSL decryption vulnerabilities - CR47778, CR48873, CR53987, CR54002

Workaround If upgrading is not an immediate option, you can prevent exploitation of these vulnerabilities temporarily by disabling NATIVE ciphers on any clientssl or serverssl profiles that require or request authentication. To do so, add :!NATIVE to the profiles' ciphers option available in the...

3.2AI score
Exploits0Affected Software1
cvelist
cvelist
added 2005/07/12 4:0 a.m.39 views

CVE-2005-2245

Unknown vulnerability in F5 BIG-IP 9.0.2 through 9.1 allows attackers to "subvert the authentication of SSL transactions," via unknown attack vectors, possibly involving NATIVE ciphers...

6.8AI score0.01404EPSS
Exploits0References4
cve
cve
added 2005/07/12 4:0 a.m.65 views

CVE-2005-2245

The provided connected documents confirm a vulnerability in F5 BIG-IP versions 9.0.2 through 9.1 that allows attackers to subvert the authentication of SSL transactions. The root cause and attack vectors are described as unknown, with possible involvement of NATIVE ciphers, but no concrete exploi...

7.5CVSS7.2AI score0.01404EPSS
Exploits0References4Affected Software1
nvd
nvd
added 2005/07/12 4:0 a.m.16 views

CVE-2005-2245

Unknown vulnerability in F5 BIG-IP 9.0.2 through 9.1 allows attackers to "subvert the authentication of SSL transactions," via unknown attack vectors, possibly involving NATIVE ciphers...

7.5CVSS6.8AI score0.01404EPSS
Exploits0References4
nessus
nessus
added 2004/08/20 12:0 a.m.7 views

Weak SSL Ciphers Supported

Binary data 1103.prm...

7.3AI score
Exploits0
nessus
nessus
added 2004/08/20 12:0 a.m.11 views

Weak SSL Ciphers Supported

Binary data 1104.prm...

7.3AI score
Exploits0
nessus
nessus
added 2004/08/20 12:0 a.m.13 views

Weak SSL Ciphers Supported

Binary data 1105.prm...

7.3AI score
Exploits0
redhat
redhat
added 2003/10/15 8:18 a.m.5 views

security flaw

Apache 2 before 2.0.47, and certain versions of modssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite...

6.4CVSS5.8AI score0.05993EPSS
Exploits0References4
redhat
redhat
added 2003/09/30 12:16 p.m.5 views

security flaw

Apache 2 before 2.0.47, and certain versions of modssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite...

6.4CVSS5.8AI score0.05993EPSS
Exploits0References4
osv
osv
added 2003/08/18 4:0 a.m.4 views

DEBIAN-CVE-2003-0192

Apache 2 before 2.0.47, and certain versions of modssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite...

6.4CVSS6.8AI score0.05993EPSS
Exploits0References1
Rows per page
Query Builder