EulerOS 2.0 SP1 : nss (EulerOS-SA-2017-1246)

According to the version of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use thi...

Important: nss

Issue Overview: Potential use-after-free in TLS 1.2 server when verifying client authentication: A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use this flaw to cause an application compiled against NS...

RedHat Update for nss RHSA-2017:2832-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

nss: Potential use-after-free in TLS 1.2 server when verifying client authentication

A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use this flaw to cause an application compiled against NSS to crash or, potentially, execute arbitrary code with the permission of the user running the...

CVE-2017-7805

A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use this flaw to cause an application compiled against NSS to crash or, potentially, execute arbitrary code with the permission of the user running the...

CVE-2017-1520

IBM DB2 9.7, 10,1, 10.5, and 11.1 is vulnerable to an unauthorized command that allows the database to be activated when authentication type is CLIENT. IBM X-Force ID: 129830...

SUSE-SU-2017:1137-1 Security update for mysql

This update for mysql to version 5.5.55 fixes the following issues: These security issues were fixed: - CVE-2017-3308: Unspecified vulnerability in Server: DML bsc1034850 - CVE-2017-3309: Unspecified vulnerability in Server: Optimizer bsc1034850 - CVE-2017-3329: Unspecified vulnerability in Serve...

Internet Bug Bounty: Certificate message OOB reads (CVE-2016-6306)

In OpenSSL 1.0.2 and earlier some missing message length checks can result in OOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical DoS risk but this has not been observed in practice on common platforms. The messages affected are client certificate, client certificate...

Denial Of Service (DoS)

OpenSSL is vulnerable to denial of service DoS attacks. These attacks are possible when the client authentication and ephemeral Diffie-Hellman ciphersuite are enabled. They can be triggered through the use of a ClientKeyExchange with a length of zero...

Access Bypass

OpenSSL is vulnerable to access bypass. OpenSSL accepts client authentication with a Diffie-Helman certificate without receiving a CertificateValue message. This allows attacks to gain access without the knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that...

Race condition

Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle attackers to bypass TLS protections and trigger use of cleartext for client authentication by stripping the "starttls" feature from a server response...

CVE-2016-10027

Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle attackers to bypass TLS protections and trigger use of cleartext for client authentication by stripping the "starttls" feature from a server response...

Cisco Unified Communications Manager Path Traversal Vulnerability

Cisco Unified Communications Manager CUCM, Unified CM, CallManager is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A security vulnerability exists ...

UBUNTU-CVE-2016-7141

curl and libcurl before 7.50.2, when built with NSS and the libnsspem.so library is available at runtime, allow remote attackers to hijack the authentication of a TLS connection by leveraging reuse of a previously loaded client certificate from file for a connection for which no certificate has...

Compatibility of NetScaler with TLS 1.1 - 1.2 and Client Authentication with Citrix Receiver

NetScaler GatewayNG 11.0 version enabled for Client CertificateCC authentication with TLS 1.1,TLS1.2 enabled. 2. Citrix Receiver 4.3 or 4.4 installed on Client Machine. 3. During logon to Gateway, browser pop up to select client Certificate and then successfully login to enumerate the...

TLS-Attacker - A Java-based Framework for Analyzing TLS Libraries

TLS-Attacker is a Java-based framework for analyzing TLS libraries. It is able to send arbitrary protocol messages in an arbitrary order to the TLS peer, and define their modifications using a provided interface. This gives the developer an opportunity to easily define a custom TLS protocol flow...

httpd: X509 client certificate authentication bypass using HTTP/2

A flaw was found in the way httpd performed client authentication using X.509 client certificates. When the HTTP/2 protocol was enabled, a remote attacker could use this flaw to access resources protected by certificate authentication without providing a valid client certificate...

TLS 1.2 Transcipt Collision attacks against MD5 in key exchange protocol (SLOTH)

A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to...

Updated golang package fixes CVE-2016-3959

Updated golang packages fix security vulnerability: Go has an infinite loop in several big integer routines that makes Go programs vulnerable to remote denial of service attacks. Programs using HTTPS client authentication or the Go ssh server libraries are both exposed to this vulnerability...

MGASA-2016-0207 Updated golang package fixes CVE-2016-3959

Updated golang packages fix security vulnerability: Go has an infinite loop in several big integer routines that makes Go programs vulnerable to remote denial of service attacks. Programs using HTTPS client authentication or the Go ssh server libraries are both exposed to this vulnerability...