Lucene search
K

232 matches found

OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.18 views

SUSE: Security Advisory (SUSE-SU-2020:0948-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS6.7AI score0.03388EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2021/04/06 12:0 a.m.5 views

The vulnerability in the implementation of the TLS protocol by the OpenSSL library, which allows a attacker to cause a service failure

The vulnerability of the TLS protocol implementation in the OpenSSL library is related to pointer arithmetic errors. Exploiting this vulnerability allows a malicious actor to cause a service failure by using a specially crafted “ClientHello” message...

5.9CVSS7.2AI score0.62906EPSS
Exploits3References32Affected Software11
Kitploit
Kitploit
added 2020/09/04 12:30 p.m.76 views

SNIcat - Server Name Indication Concatenator

SNIcat is a proof of concept tool that performs data exfiltration, utilizing a covert channel method via. Server Name Indication , a TLS Client Hello Extension. The tool consists of an agent which resides on the compromised internal host, and a Command &Control Server which controls the agent and...

7.5AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/05/13 12:0 a.m.6 views

The vulnerability of the `send_client_hello` function in `handshake.c` of the GnuTLS cryptographic library is related to deficiencies in the cryptographic algorithms used. This vulnerability allows an attacker to gain unauthorized access to confidential data or compromise the integrity of the data.

The vulnerability of the sendclienthello function in the handshake.c file of the GnuTLS cryptographic library is related to deficiencies in the cryptographic algorithms used. Exploiting this vulnerability could allow an attacker to gain unauthorized access to confidential data or compromise the...

9.4CVSS6.8AI score0.03388EPSS
Exploits0References12Affected Software6
RedHat Linux
RedHat Linux
added 2020/04/30 5:38 p.m.2 views

gnutls: DTLS client hello contains a random value of all zeroes

A cryptographic weakness was found in the way DLTS implementation of GnuTLS, used zeros in place of random numbers. This flaw can break the security guarantee of the DTLS protocol...

7.4CVSS7.3AI score0.03388EPSS
Exploits0References5
Snyk
Snyk
added 2019/05/23 1:29 p.m.5 views

Out-of-Bounds

Overview Affected versions of this package are vulnerable to Out-of-Bounds wolfSSL 4.0.0 has a Buffer Overflow in DoPreSharedKeys in tls13.c when a current identity size is greater than a client identity size. An attacker sends a crafted hello client packet over the network to a TLSv1.3 wolfSSL...

9.8CVSS8AI score0.08777EPSS
Exploits0References2
Prion
Prion
added 2019/05/23 1:29 p.m.23 views

Buffer overflow

wolfSSL 4.0.0 has a Buffer Overflow in DoPreSharedKeys in tls13.c when a current identity size is greater than a client identity size. An attacker sends a crafted hello client packet over the network to a TLSv1.3 wolfSSL server. The length fields of the packet: record length, client hello length,...

7.5CVSS9.6AI score0.08777EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2019/04/29 3:29 p.m.2 views

ALPINE-CVE-2018-12384

When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact TLS 1.3...

5.9CVSS8.9AI score0.01496EPSS
Exploits0References1
OSV
OSV
added 2019/03/13 10:29 p.m.8 views

CVE-2019-6596

In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, 12.1.0-12.1.3.6, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, when processing fragmented ClientHello messages in a DTLS session TMM may corrupt memory eventually leading to a crash. Only systems offering DTLS connections via APM are impacted...

7.5CVSS7.1AI score0.01376EPSS
Exploits0References2
OSV
OSV
added 2019/01/09 5:41 p.m.4 views

USN-3850-1 nss vulnerabilities

Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. CVE-2018-0495 It was discovered that NSS incorrectly handled certain v2-compatible ClientHello messages. A remo...

5.9CVSS6.5AI score0.44398EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2018/11/01 12:0 a.m.4 views

The vulnerability of the CAPWAP operating system in FortiOS, allowing a hacker to induce a service failure

The vulnerability of the CAPWAP operating system in FortiOS arises from errors in processing input data. Exploiting this vulnerability allows a malicious actor to trigger a service failure by sending a large number of ClientHello DTLS messages...

7.8CVSS5.5AI score0.01821EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2018/01/11 12:0 a.m.8 views

PT-2018-3641 · Openssl +11 · Openssl +11

Name of the Vulnerable Software and Affected Versions: OpenSSL versions 1.1.1 through 1.1.1j MySQL Server versions 5.7.33 and earlier, 8.0.23 and earlier Description: The issue is related to a NULL pointer dereference in OpenSSL TLS servers when a maliciously crafted renegotiation ClientHello...

10CVSS6.2AI score0.99999EPSS
Exploits226References883
RedHat Linux
RedHat Linux
added 2017/08/01 8:39 a.m.3 views

gnutls: Crash upon receiving well-formed status_request extension

A null pointer dereference flaw was found in the way GnuTLS processed ClientHello messages with statusrequest extension. A remote attacker could use this flaw to cause an application compiled with GnuTLS to crash...

7.5CVSS5.8AI score0.0341EPSS
Exploits0References5
Check Point Advisories
Check Point Advisories
added 2017/07/05 12:0 a.m.4 views

GnuTLS status_request Extension Null Pointer Dereference (CVE-2017-7507)

A denial of service vulnerability exists in the GnuTLS library. The vulnerability is due to improper parsing of certain values in the statusrequest extension. A remote attacker can exploit this vulnerability by sending a crafted Client Hello to the target server...

5CVSS4.5AI score0.0341EPSS
Exploits0
OSV
OSV
added 2017/03/10 2:59 a.m.4 views

CVE-2017-5872

The TCP/IP networking module in Unisys ClearPath MCP systems with TCP-IP-SW 57.1 before 57.152, 58.1 before 58.142, or 59.1 before 59.172, when running a TLS 1.2 service, allows remote attackers to cause a denial of service network connectivity disruption via a client hello with a...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References2
myhack58
myhack58
added 2016/12/20 12:0 a.m.38 views

Once due to bug fixes to trigger the vulnerability—CVE-2016-6309 vulnerability detailed analysis-vulnerability warning-the black bar safety net

openssl released a security level for”serious”UAF vulnerability, the exploit is simple, only need to send a tcp packet will trigger the vulnerability, but the consequences are serious, may result in TLS-related applications denial of service or even arbitrary code execution and other consequences...

0.2AI score0.70223EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/04/14 12:0 a.m.6 views

The vulnerability of the OpenSSL library, which allows a hacker to break the cryptographic security mechanism

The vulnerability of the ssl/s2srvr.c function in the OpenSSL library is related to errors in cryptographic transformations. Exploiting this vulnerability allows a malicious actor to break the cryptographic security mechanism by performing calculations related to SSLv2 traffic, involving function...

4.3CVSS7.1AI score0.10731EPSS
Exploits2References3Affected Software1
CNVD
CNVD
added 2016/01/28 12:0 a.m.3 views

WolfSSL Denial of Service Vulnerability

WolfSSL formerly known as CyaSSL is the United States WolfSSL company for embedded systems developers to use a small, portable embedded SSL programming library. A security vulnerability exists in WolfSSL versions prior to 3.6.8. A remote attacker can exploit this vulnerability to cause a denial o...

7.5CVSS6.8AI score0.0272EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2015/08/25 12:0 a.m.6 views

The vulnerability of the OpenSSL library, which allows attackers to carry out attacks aimed at reducing the security of encryption algorithms

The vulnerability of the OpenSSL library is related to errors in cryptographic transformations. Exploiting this vulnerability allows a malicious actor, operating remotely and having access to the data transmission channel, to carry out attacks aimed at reducing the resilience of encryption...

4.3CVSS5.8AI score0.9986EPSS
Exploits1References17Affected Software2
OSV
OSV
added 2015/05/21 12:59 a.m.2 views

DEBIAN-CVE-2015-4000

The TLS protocol 1.2 and earlier, when a DHEEXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHEEXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHEEXPORT and then...

3.7CVSS8.7AI score0.9986EPSS
Exploits1References1
Rows per page
Query Builder