4226 matches found
IBM WebSphere Application Server Information Disclosure Vulnerability (swg21979231)
IBM WebSphere Application Server is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2016-0306
IBM WebSphere Application Server WAS 7.0 before 7.0.0.41, 8.0 before 8.0.0.13, and 8.5 before 8.5.5.10, when FIPS 140-2 is enabled, misconfigures TLS, which allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors...
Information disclosure
IBM WebSphere Application Server WAS 7.0 before 7.0.0.41, 8.0 before 8.0.0.13, and 8.5 before 8.5.5.10, when FIPS 140-2 is enabled, misconfigures TLS, which allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors...
CVE-2016-0306
CVE-2016-0306 (IBM WAS) : WebSphere Application Server versions 7.0 before 7.0.0.41, 8.0 before 8.0.0.13, and 8.5 before 8.5.5.10 have a TLS misconfiguration when FIPS 140-2 is enabled, enabling MITM attackers to obtain sensitive information. IBM advisories indicate fixes are available by upgradi...
OracleVM 3.3 / 3.4 : openssh (OVMSA-2016-0048)
The remote OracleVM system is missing necessary patches to address critical security updates : - CVE-2016-3115: missing sanitisation of input for X11 forwarding 1317817 - Restore functionallity of pamsshagentauth in FIPS mode 1278315 - Initialize devicesdone variable for challenge response 128146...
openSUSE Security Update : openssl (openSUSE-2016-561)
This update for openssl fixes the following issues : - CVE-2016-2108: Memory corruption in the ASN.1 encoder boo977617 - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check boo977616 - CVE-2016-2105: EVPEncodeUpdate overflow boo977614 - CVE-2016-2106: EVPEncryptUpdate overflow boo977615 -...
SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2016:1233-1)
This update for openssl fixes the following issues : - CVE-2016-2108: Memory corruption in the ASN.1 encoder bsc977617 - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check bsc977616 - CVE-2016-2105: EVPEncodeUpdate overflow bsc977614 - CVE-2016-2106: EVPEncryptUpdate overflow bsc977615 -...
SUSE-SU-2016:1233-1 Security update for openssl
This update for openssl fixes the following issues: - CVE-2016-2108: Memory corruption in the ASN.1 encoder bsc977617 - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check bsc977616 - CVE-2016-2105: EVPEncodeUpdate overflow bsc977614 - CVE-2016-2106: EVPEncryptUpdate overflow bsc977615 -...
OracleVM 3.3 / 3.4 : openssh (OVMSA-2016-0038)
The remote OracleVM system is missing necessary patches to address critical security updates : - CVE-2015-5600: MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices 1245969 - CVE-2016-3115: missing sanitisation of input for X11 forwarding 1317816 - SSH2MSGDISCONNECT for user initiate...
Oracle: Security Advisory (ELSA-2016-0428)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OracleVM 3.3 / 3.4 : libssh2 (OVMSA-2016-0035)
The remote OracleVM system is missing necessary patches to address critical security updates : - use secrects of the appropriate length in Diffie-Hellman CVE-2016-0787 - fix basic functionality of libssh2 in FIPS mode 968575 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The package checks ...
libssh2 security update
1.4.2-2.el67.1 - use secrects of the appropriate length in Diffie-Hellman CVE-2016-0787 1.4.2-2 - fix basic functionality of libssh2 in FIPS mode 968575...
openssh security, bug fix, and enhancement update
6.6.1p1-22 - Use the correct constant for glob limits 1160377 6.6.1p1-21 - Extend memory limit for remote glob in sftp acc. to stat limit 1160377 6.6.1p1-20 - Fix vulnerabilities published with openssh-7.0 1265807 - Privilege separation weakness related to PAM support - Use-after-free bug related...
Scientific Linux Security Update : libreswan on SL7.x x86_64 (20151104)
A flaw was discovered in the way Libreswan's IKE daemon processed IKE KE payloads. A remote attacker could send specially crafted IKE payload with a KE payload of g^x=0 that, when processed, would lead to a denial of service daemon crash. CVE-2015-3240 Note: Please note that when upgrading from a...
CentOS Update for libreswan CESA-2015:1979 centos7
Check the version of libreswan SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882312";...
RedHat Update for libreswan RHSA-2015:1979-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 7 : libreswan (RHSA-2015:1979)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2015:1979 advisory. Libreswan is an implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both...
Moderate: Red Hat Security Advisory: libreswan security and enhancement update
Updated libreswan packages that fix one security issue, several bugs, and add several enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which give...
Oracle Linux 7 : libreswan (ELSA-2015-1979)
The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2015-1979 advisory. - Resolves: rhbz1259208 CVE-2015-3240 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus h...
CentOS 7 : libreswan (CESA-2015:1979)
Updated libreswan packages that fix one security issue, several bugs, and add several enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which give...