Lucene search
+L

7 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:8 a.m.77 views

Security Bulletin: OpenSSL security vulnerability issues on IBM Storwize V7000 Unified system (CVE-2013-4353, CVE-2013-6449, CVE-2013-6450)

Summary For the three security issues with openssl that could result in denial of service, a fix is available for IBM Storwize V7000 Unified system. Vulnerability Details CVEID: CVE-2013-4353 CVE-2013-6449 CVE-2013-6450 DESCRIPTION: OpenSSL is used in IBM Storwize V7000 Unified system for providi...

5.8CVSS0.8AI score0.21174EPSS
Exploits1Affected Software1
Veracode
Veracode
added 2017/02/08 5:12 a.m.21 views

Man-in-the-Middle (MitM)

OpenSSL is vulnerable to man in the middle MitM attacks. These attacks are possible because the DTLS retransmission implementation doesn't correctly maintain data structures for digest and encryption contexts...

5.8CVSS7.2AI score0.14542EPSS
Exploits1References24Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/10/10 12:0 a.m.60 views

F5 Networks BIG-IP : OpenSSL vulnerability (K15158)

The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service...

5.8CVSS7.1AI score0.14542EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2014/01/08 12:0 a.m.39 views

OpenSSL 1.0.1 < 1.0.1f Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.0.1f. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.1f advisory. - The ssl3takemac function in ssl/s3both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service NUL...

5.8CVSS7.1AI score0.21174EPSS
Exploits1References9
OSV
OSV
added 2014/01/01 4:5 p.m.4 views

DEBIAN-CVE-2013-6450

The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service...

5.8CVSS9.1AI score0.14542EPSS
Exploits1References1
OSV
OSV
added 2014/01/01 4:5 p.m.2 views

CVE-2013-6450

The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service...

5.8CVSS9.1AI score0.14542EPSS
Exploits1References22
Prion
Prion
added 2014/01/01 4:5 p.m.23 views

Information disclosure

The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service...

5.8CVSS6.8AI score0.14542EPSS
Exploits1References22Affected Software1
Rows per page
Query Builder