534 matches found
Information Disclosure
github.com/ory/fosite is vulnerable to information disclosure. The vulnerability exists as the request body may contain client secrets to be exposed when POST-body based client authentication is enabled...
TP-Link TL-SG108E XSS / Weak Access Control
Overview ------------- Three vulnerabilities have been discovered in the TP-Link TL-SG108E, firmware 1.0.0 Build 20160722 Rel.50167: CVE-2017-17745 - Cross Site Scripting XSS in systemnameset.cgi, sysName parameter CVE-2017-17746 - Weak access control for user authentication CVE-2017-17747 - Weak...
EulerOS 2.0 SP2 : nss (EulerOS-SA-2017-1247)
According to the version of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use thi...
EulerOS 2.0 SP1 : nss (EulerOS-SA-2017-1246)
According to the version of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use thi...
Important: nss
Issue Overview: Potential use-after-free in TLS 1.2 server when verifying client authentication: A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use this flaw to cause an application compiled against NS...
RedHat Update for nss RHSA-2017:2832-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
nss: Potential use-after-free in TLS 1.2 server when verifying client authentication
A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use this flaw to cause an application compiled against NSS to crash or, potentially, execute arbitrary code with the permission of the user running the...
CVE-2017-7805
A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use this flaw to cause an application compiled against NSS to crash or, potentially, execute arbitrary code with the permission of the user running the...
CVE-2017-1520
IBM DB2 9.7, 10,1, 10.5, and 11.1 is vulnerable to an unauthorized command that allows the database to be activated when authentication type is CLIENT. IBM X-Force ID: 129830...
SUSE-SU-2017:1137-1 Security update for mysql
This update for mysql to version 5.5.55 fixes the following issues: These security issues were fixed: - CVE-2017-3308: Unspecified vulnerability in Server: DML bsc1034850 - CVE-2017-3309: Unspecified vulnerability in Server: Optimizer bsc1034850 - CVE-2017-3329: Unspecified vulnerability in Serve...
Internet Bug Bounty: Certificate message OOB reads (CVE-2016-6306)
In OpenSSL 1.0.2 and earlier some missing message length checks can result in OOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical DoS risk but this has not been observed in practice on common platforms. The messages affected are client certificate, client certificate...
Denial Of Service (DoS)
OpenSSL is vulnerable to denial of service DoS attacks. These attacks are possible when the client authentication and ephemeral Diffie-Hellman ciphersuite are enabled. They can be triggered through the use of a ClientKeyExchange with a length of zero...
Access Bypass
OpenSSL is vulnerable to access bypass. OpenSSL accepts client authentication with a Diffie-Helman certificate without receiving a CertificateValue message. This allows attacks to gain access without the knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that...
Race condition
Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle attackers to bypass TLS protections and trigger use of cleartext for client authentication by stripping the "starttls" feature from a server response...
CVE-2016-10027
Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle attackers to bypass TLS protections and trigger use of cleartext for client authentication by stripping the "starttls" feature from a server response...
Cisco Unified Communications Manager Path Traversal Vulnerability
Cisco Unified Communications Manager CUCM, Unified CM, CallManager is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A security vulnerability exists ...
UBUNTU-CVE-2016-7141
curl and libcurl before 7.50.2, when built with NSS and the libnsspem.so library is available at runtime, allow remote attackers to hijack the authentication of a TLS connection by leveraging reuse of a previously loaded client certificate from file for a connection for which no certificate has...
Compatibility of NetScaler with TLS 1.1 - 1.2 and Client Authentication with Citrix Receiver
NetScaler GatewayNG 11.0 version enabled for Client CertificateCC authentication with TLS 1.1,TLS1.2 enabled. 2. Citrix Receiver 4.3 or 4.4 installed on Client Machine. 3. During logon to Gateway, browser pop up to select client Certificate and then successfully login to enumerate the...
TLS-Attacker - A Java-based Framework for Analyzing TLS Libraries
TLS-Attacker is a Java-based framework for analyzing TLS libraries. It is able to send arbitrary protocol messages in an arbitrary order to the TLS peer, and define their modifications using a provided interface. This gives the developer an opportunity to easily define a custom TLS protocol flow...
httpd: X509 client certificate authentication bypass using HTTP/2
A flaw was found in the way httpd performed client authentication using X.509 client certificates. When the HTTP/2 protocol was enabled, a remote attacker could use this flaw to access resources protected by certificate authentication without providing a valid client certificate...