Lucene search
K

507 matches found

Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.40 views

Mandrake Linux Security Advisory : openssl (MDKSA-2004:023)

A vulnerability was discovered by the OpenSSL group using the Codenomicon TLS Test Tool. The test uncovered a NULL pointer assignment in the dochangecipherspec function whih could be abused by a remote attacker crafting a special SSL/TLS handshake against a server that used the OpenSSL library in...

7.5CVSS8.1AI score0.10424EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.36 views

Mandrake Linux Security Advisory : openssl (MDKSA-2002:046-1)

An audit of the OpenSSL code by A.L. Digital Ltd and The Bunker, under the DARPA program CHATS, discovered a number of vulnerabilities in the OpenSSL code that are all potentially remotely exploitable. From the OpenSSL advisory : 1. The client master key in SSL2 could be oversized and overrun a...

7.5CVSS6.1AI score0.8982EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2004/07/25 12:0 a.m.37 views

SuSE-SA:2004:007: openssl

The remote host is missing the patch for the advisory SuSE-SA:2004:007 openssl. OpenSSL is an implementation of the Secure Socket Layer SSL v2/3 and Transport Layer Security TLS v1 protocol. The NISCC informed us about to failure conditions in openssl that can be triggered to crash applications...

7.5CVSS8.2AI score0.10424EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/07/23 12:0 a.m.46 views

Fedora Core 1 : openssl-0.9.7a-33.10 (2004-095)

This update includes OpenSSL packages to fix two security issues affecting OpenSSL 0.9.7a which allow denial of service attacks; CVE-2004-0079 and CVE-2003-0851. Also included are updates for the OpenSSL 0.9.6 and 0.9.6b compatibility libraries included in Fedora Core 1, fixing a separate issue...

7.5CVSS8.1AI score0.09537EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/07/06 12:0 a.m.46 views

RHEL 3 : openssl (RHSA-2004:120)

Updated OpenSSL packages that fix several remote denial of service vulnerabilities are available for Red Hat Enterprise Linux 3. The OpenSSL toolkit implements Secure Sockets Layer SSL v2/v3, Transport Layer Security TLS v1 protocols, and serves as a full-strength general purpose cryptography...

7.5CVSS8.1AI score0.10424EPSS
Exploits0References9
securityvulns
securityvulns
added 2004/03/19 12:0 a.m.62 views

US-CERT Technical Cyber Security Alert TA04-078A -- Multiple Vulnerabilities in OpenSSL

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Technical Cyber Security Alert TA04-078A Multiple Vulnerabilities in OpenSSL Original release date: March 18, 2004 Last revised: -- Source: US-CERT Systems Affected Applications and systems that use the OpenSSL SSL/TLS library Overview Several...

5CVSS0.5AI score0.10424EPSS
Exploits0
securityvulns
securityvulns
added 2004/03/19 12:0 a.m.34 views

Multiple OpenSSL DoS bugs

Few bugs patched during product audit...

1.4AI score
Exploits0References2Affected Software5
RedHat Linux
RedHat Linux
added 2004/03/17 10:23 p.m.4 views

Important: Red Hat Security Advisory: : Updated OpenSSL packages fix vulnerabilities

Updated OpenSSL packages that fix several remote denial of service vulnerabilities are now available. OpenSSL is a toolkit that implements Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols as well as a full-strength general purpose cryptography library. Testing performe...

7.5CVSS7.5AI score0.10424EPSS
Exploits0References2
Debian
Debian
added 2004/03/17 8:14 p.m.43 views

[SECURITY] [DSA 465-1] New openssl packages fix multiple vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 465-1 [email protected] http://www.debian.org/security/ Matt Zimmerman March 17th, 2004 http://www.debian.org/security/faq -...

9.9AI score
Exploits0
RedHat Linux
RedHat Linux
added 2004/03/17 5:20 p.m.6 views

Important: Red Hat Security Advisory: apache, openssl security update for Stronghold

Updated versions of Stronghold 4 cross-platform are available that fix security issues affecting OpenSSL and the Apache HTTP Server. A number of bug fixes are also included. Stronghold 4 contains a number of open source technologies, including OpenSSL 0.9.6 and the Apache HTTP Server. Testing...

7.5CVSS7.8AI score0.1273EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2004/03/17 12:0 a.m.47 views

Multiple OpenSSL Vulnerabilities

Background The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols as well as a full-strength general purpose cryptography library...

7.5CVSS7.6AI score0.10424EPSS
Exploits0
F5 Networks
F5 Networks
added 2004/02/22 12:0 a.m.29 views

SOL3082 - Multiple vulnerabilities in OpenSSL - CAN-2004-0081, CAN-2004-0079, CAN-2004-0112

F5 Product Development tracked this issue and it was fixed in BIG-IP and 3-DNS 4.5.11 and 4.6.1. Obtaining and installing patches The TA04-078A patch has been issued for BIG-IP and 3-DNS 4.5.9 and 4.6. You may download the TA04-078A patch by navigating to the BIG-IP BIG-IP v4.x 4.5 section of the...

3.3AI score0.10424EPSS
Exploits0
Debian
Debian
added 2003/10/11 1:54 p.m.34 views

[SECURITY] [DSA 394-1] New openssl095 packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 394-1 [email protected] http://www.debian.org/security/ Martin Schulze October 11th, 2003 http://www.debian.org/security/faq -...

10AI score
Exploits0
OSV
OSV
added 2003/10/11 12:0 a.m.58 views

DSA-394 openssl095 - ASN.1 parsing vulnerability

Bulletin has no description...

10CVSS8.4AI score0.85449EPSS
Exploits0
seebug.org
seebug.org
added 2003/10/09 12:0 a.m.13 views

Brute forcer for OpenSSL ASN.1 parsing bugs (<=0.9.6j <=0.9.7b)

No description provided by source. / Brute forcer for OpenSSL ASN.1 parsing bugs =0.9.6j =0.9.7b written by Bram Matthys Syzop on Oct 9 2003. This program sends corrupt client certificates to the SSL server which will 1 crash it 2 create lots of error messages, and/or 3 result in other...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2003/10/09 12:0 a.m.14 views

OpenSSL - ASN.1 Parsing

OpenSSL - ASN.1 Parsing // source: https://www.securityfocus.com/bid/8732/info Multiple vulnerabilities were reported in the ASN.1 parsing code in OpenSSL. Attackers could exploit these issues to cause a denial of service or to execute arbitrary code. / Brute forcer for OpenSSL ASN.1 parsing bugs...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/10/09 12:0 a.m.48 views

OpenSSL - ASN.1 Parsing

// source: https://www.securityfocus.com/bid/8732/info Multiple vulnerabilities were reported in the ASN.1 parsing code in OpenSSL. Attackers could exploit these issues to cause a denial of service or to execute arbitrary code. / Brute forcer for OpenSSL ASN.1 parsing bugs include include include...

7AI score
Exploits0
FreeBSD Advisory
FreeBSD Advisory
added 2003/10/03 12:0 a.m.6 views

FreeBSD-SA-03:18.openssl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:18.openssl Security Advisory The FreeBSD Project Topic: OpenSSL vulnerabilities in ASN.1 parsing Category: crypto Module: openssl Announced: 2003-10-03 Credits...

6.2AI score
Exploits0
RedHat Linux
RedHat Linux
added 2003/09/30 12:16 p.m.5 views

Moderate: Red Hat Security Advisory: mod_ssl, openssl security update for Stronghold

Updated versions of Stronghold 4 cross-platform are available that fix several security issues affecting OpenSSL and modssl. A number of bug fixes and new features are also included. Stronghold 4 contains a number of open source technologies, including OpenSSL 0.9.6 and modssl. NISCC testing of...

6.4CVSS7.4AI score0.24647EPSS
Exploits0References3
securityvulns
securityvulns
added 2003/09/30 12:0 a.m.63 views

[Full-Disclosure] [OpenSSL Advisory] Vulnerabilities in ASN.1 parsing

-----BEGIN PGP SIGNED MESSAGE----- OpenSSL Security Advisory 30 September 2003 Vulnerabilities in ASN.1 parsing ================================ NISCC www.niscc.gov.uk prepared a test suite to check the operation of SSL/TLS software when presented with a wide range of malformed client certificate...

10CVSS0.3AI score0.85449EPSS
Exploits0
Rows per page
Query Builder