Padding Oracle Attack

openssl is vulnerable to padding oracle attacks. In the event of a fatal protocol error and SSLshutdown is called twice, an attacker is able to perform a padding oracle attack to decrypt data by sending a 0 byte record with invalid padding, causing the application to behave differently due to...

OpenSSL 1.0.2 < 1.0.2r Vulnerability

The version of OpenSSL installed on the remote host is prior to 1.0.2r. It is, therefore, affected by a vulnerability as referenced in the 1.0.2r advisory. - If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one th...

Ubuntu 16.04 LTS / 18.04 LTS : OpenSSL vulnerability (USN-3899-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3899-1 advisory. Juraj Somorovsky, Robert Merget, and Nimrod Aviram discovered that certain applications incorrectly used OpenSSL and could be exposed to a padding...

Design/Logic Flaw

If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...

USN-3899-1 openssl, openssl1.0 vulnerability

Juraj Somorovsky, Robert Merget, and Nimrod Aviram discovered that certain applications incorrectly used OpenSSL and could be exposed to a padding oracle attack. A remote attacker could possibly use this issue to decrypt data...

CVE-2019-7006

Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication component that could allow a local attacker to decrypt sensitive information. Affected versions include all 6.2.x versions prior to 6.2 SP13...

IBM Content Navigator Information Disclosure Vulnerability

IBM Content Navigator is a Web client from IBM USA. The product supports searching and processing documents stored in content servers from a Web browser. A security vulnerability exists in IBM Content Navigator version 2.0.3 and 3.0CD, which originates from the program's use of a public key store...

CVE-2019-1559

If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...

The vulnerability of the Decryption Policy Default Action component in Cisco Web Security Appliance routers allows a hacker to block certain SSL connections.

The vulnerability of the Decryption Policy Default Action component in Cisco Web Security Appliance firewalls is related to improper handling of encrypted SSL traffic. Exploiting this vulnerability could allow a malicious actor to block certain SSL connections remotely...

CVE-2017-1695

IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 134177...

[SECURITY] [DLA 1675-1] python-gnupg security update

Package : python-gnupg Version : 0.3.6-1+deb8u1 CVE ID : CVE-2019-6690 Alexander Kjäll and Stig Palmquist discovered a vulnerability in python-gnupg, a wrapper around GNU Privacy Guard. It was possible to inject data through the passphrase property of the gnupg.GPG.encrypt and gnupg.GPG.decrypt...

CVE-2018-15781

The Dell Wyse Password Encoder in ThinLinux2 versions prior to 2.1.0.01 contain a Hard-coded Cryptographic Key vulnerability. An unauthenticated remote attacker could reverse engineer the cryptographic system used in the Dell Wyse Password Encoder to discover the hard coded private key and decryp...

TAU Threat Intelligence Notification: New macOS Malware Variant of Shlayer (OSX) Discovered

Carbon Black’s Threat Analysis Unit TAU recently discovered a new variant of a family of macOS malware which was first discovered in February of 2018 by researchers from Intego. TAU has obtained new samples of this malware and observed downloads of the malware from multiple sites, primarily...

CVE-2019-1672

A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to bypass a configured drop policy and allow traffic onto the network that should have been denied. The vulnerability is due to the incorre...

Default configuration

A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to bypass a configured drop policy and allow traffic onto the network that should have been denied. The vulnerability is due to the incorre...

CVE-2019-1672

A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to bypass a configured drop policy and allow traffic onto the network that should have been denied. The vulnerability is due to the incorre...

CVE-2019-1672 Cisco Web Security Appliance Decryption Policy Bypass Vulnerability

A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to bypass a configured drop policy and allow traffic onto the network that should have been denied. The vulnerability is due to the incorre...

CVE-2019-1672 Cisco Web Security Appliance Decryption Policy Bypass Vulnerability

A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to bypass a configured drop policy and allow traffic onto the network that should have been denied. The vulnerability is due to the incorre...

CVE-2019-1672

CVE-2019-1672 describes a vulnerability in the Cisco Web Security Appliance (WSA) where the Decryption Policy Default Action handling allows an unauthenticated, remote attacker to bypass a configured drop policy and permit SSL traffic that should have been denied. The root cause is the incorrect ...

Security Bulletin: IBM QRadar SIEM uses outdated hash algorithms. (CVE-2017-1695)

Summary The software uses an outdated or insecure cryptographic library or it is using a proprietary crypto standard which is likely to be vulnerable. Vulnerability Details CVEID: CVE-2017-1695 DESCRIPTION: IBM QRadar uses weaker than expected cryptographic algorithms that could allow an attacker...