18 matches found
EUVD-2019-9877
Malware in sbrugna...
EUVD-2021-10099
Malware in sbrugna...
EUVD-2015-6055
Malware in sbrugna...
CVE-2021-22981
On all versions of BIG-IP 12.1.x and 11.6.x, the original TLS protocol includes a weakness in the master secret negotiation that is mitigated by the Extended Master Secret EMS extension defined in RFC 7627. TLS connections that do not use EMS are vulnerable to man-in-the-middle attacks during...
F5 Networks BIG-IP : TLS Triple Handshake Attack vulnerability (K000132686)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.0.1. It is, therefore, affected by a vulnerability as referenced in the K000132686 advisory. The original TLS protocol includes a weakness in master secret negotiation, potentially allowing the Triple Handshake Attack...
K000132686: TLS Triple Handshake Attack vulnerability
Security Advisory Description The original TLS protocol includes a weakness in master secret negotiation, potentially allowing the Triple Handshake Attack that is mitigated by the Extended Master Secret EMS extension defined in RFC 7627. Impact This vulnerability may allow an unauthenticated...
CVE-2021-22981
On all versions of BIG-IP 12.1.x and 11.6.x, the original TLS protocol includes a weakness in the master secret negotiation that is mitigated by the Extended Master Secret EMS extension defined in RFC 7627. TLS connections that do not use EMS are vulnerable to man-in-the-middle attacks during...
CVE-2021-22981
On all versions of BIG-IP 12.1.x and 11.6.x, the original TLS protocol includes a weakness in the master secret negotiation that is mitigated by the Extended Master Secret EMS extension defined in RFC 7627. TLS connections that do not use EMS are vulnerable to man-in-the-middle attacks during...
openssl security, bug fix, and enhancement update
1.1.1g-11 - Further changes for SP 800-56A rev3 requirements 1.1.1g-9 - Rewire FIPSdrbg API to use the RANDDRBG - Use the well known DH groups in TLS even for 2048 and 1024 bit parameters 1.1.1g-7 - Disallow dropping Extended Master Secret extension on renegotiation - Return alert from sserver if...
October 15, 2019—KB4520015 (Preview of Monthly Rollup)
October 15, 2019—KB4520015 Preview of Monthly Rollup IMPORTANT Customers who have purchased the Extended Security Update ESU for on-premises versions of some operating systems must follow specific procedures to continue receiving security updates after extended support ends on January 14, 2020. F...
CVE-2019-1318
A spoofing vulnerability exists when Transport Layer Security TLS accesses non- Extended Master Secret EMS sessions, aka 'Microsoft Windows Transport Layer Security Spoofing Vulnerability'...
Spoofing
A spoofing vulnerability exists when Transport Layer Security TLS accesses non- Extended Master Secret EMS sessions, aka 'Microsoft Windows Transport Layer Security Spoofing Vulnerability'...
CVE-2019-1318
A spoofing vulnerability exists when Transport Layer Security TLS accesses non- Extended Master Secret EMS sessions, aka 'Microsoft Windows Transport Layer Security Spoofing Vulnerability'...
Microsoft Windows Transport Layer Security Spoofing Vulnerability
A spoofing vulnerability exists when Transport Layer Security TLS accesses non- Extended Master Secret EMS sessions. An attacker who successfully exploited this vulnerability may gain access to unauthorized information. To exploit the vulnerability, an attacker would have to conduct a...
MS15-121: Security update for Schannel to address spoofing: November 10, 2015
MS15-121: Security update for Schannel to address spoofing: November 10, 2015 Summary This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow spoofing if an attacker performs a man-in-the-middle MiTM attack between a client and a legitimate server. To lea...
openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2016-714)
This update to Mozilla Firefox 47 fixes the following issues boo983549 : Security fixes : - CVE-2016-2815/CVE-2016-2818: Miscellaneous memory safety hazards boo983638 MFSA 2016-49 - CVE-2016-2819: Buffer overflow parsing HTML5 fragments boo983655 MFSA 2016-50 - CVE-2016-2821: Use-after-free...
openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2016-704)
This update to Mozilla Firefox 47 fixes the following issues boo983549 : Security fixes : - CVE-2016-2815/CVE-2016-2818: Miscellaneous memory safety hazards boo983638 MFSA 2016-49 - CVE-2016-2819: Buffer overflow parsing HTML5 fragments boo983655 MFSA 2016-50 - CVE-2016-2821: Use-after-free...
Security update update for MozillaFirefox, mozilla-nss (important)
This update to Mozilla Firefox 46.0 fixes several security issues and bugs boo977333. The following vulnerabilities were fixed: - CVE-2016-2804: Miscellaneous memory safety hazards - MFSA 2016-39 boo977373 - CVE-2016-2806: Miscellaneous memory safety hazards - MFSA 2016-39 boo977375 -...