916 matches found
openssl get_shared_ciphers overflow
Buffer overflow in the SSLgetsharedciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers...
DEBIAN-CVE-2006-3738
Buffer overflow in the SSLgetsharedciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers...
CVE-2006-3738
Buffer overflow in the SSLgetsharedciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers...
OpenSSL SSL_get_shared_ciphers() vulnerable to buffer overflow
Overview A buffer overflow vulnerability in an OpenSSL library function could allow a remote attacker to execute code on an affected system. Description The OpenSSL toolkit implements the Secure Sockets Layer SSL versions 2 and 3 and Transport Layer Security TLS version 1 protocols as well as a...
PT-2006-7520 · Apache · Apache Tomcat
Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 4.1.28 through 4.1.31 Apache Tomcat versions 5.0.0 through 5.0.30 Apache Tomcat versions 5.5.0 through 5.5.17 Description: The default SSL cipher configuration uses certain insecure ciphers, including the anonymous...
DEBIAN-CVE-2006-0898
Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector IV of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...
SOL4944 - SSL decryption vulnerabilities - CR47778, CR48873, CR53987, CR54002
Workaround If upgrading is not an immediate option, you can prevent exploitation of these vulnerabilities temporarily by disabling NATIVE ciphers on any clientssl or serverssl profiles that require or request authentication. To do so, add :!NATIVE to the profiles' ciphers option available in the...
CVE-2005-2245
Unknown vulnerability in F5 BIG-IP 9.0.2 through 9.1 allows attackers to "subvert the authentication of SSL transactions," via unknown attack vectors, possibly involving NATIVE ciphers...
CVE-2005-2245
The provided connected documents confirm a vulnerability in F5 BIG-IP versions 9.0.2 through 9.1 that allows attackers to subvert the authentication of SSL transactions. The root cause and attack vectors are described as unknown, with possible involvement of NATIVE ciphers, but no concrete exploi...
CVE-2005-2245
Unknown vulnerability in F5 BIG-IP 9.0.2 through 9.1 allows attackers to "subvert the authentication of SSL transactions," via unknown attack vectors, possibly involving NATIVE ciphers...
Weak SSL Ciphers Supported
Binary data 1103.prm...
Weak SSL Ciphers Supported
Binary data 1104.prm...
Weak SSL Ciphers Supported
Binary data 1105.prm...
security flaw
Apache 2 before 2.0.47, and certain versions of modssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite...
security flaw
Apache 2 before 2.0.47, and certain versions of modssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite...
DEBIAN-CVE-2003-0192
Apache 2 before 2.0.47, and certain versions of modssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite...