Lucene search
K

507 matches found

securityvulns
securityvulns
added 2003/09/30 12:0 a.m.64 views

[Full-Disclosure] [OpenSSL Advisory] Vulnerabilities in ASN.1 parsing

-----BEGIN PGP SIGNED MESSAGE----- OpenSSL Security Advisory 30 September 2003 Vulnerabilities in ASN.1 parsing ================================ NISCC www.niscc.gov.uk prepared a test suite to check the operation of SSL/TLS software when presented with a wide range of malformed client certificate...

10CVSS0.3AI score0.85449EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2003/06/23 5:37 p.m.10 views

Important: Red Hat Security Advisory: : : : Updated OpenSSL packages fix vulnerabilities

Updated OpenSSL packages that fix potential timing-based and modified Bleichenbacher attacks are available for Red Hat Linux on IBM iSeries and pSeries systems. OpenSSL is a commercial-grade, full-featured, and open source toolkit that implements Secure Sockets Layer SSL v2/v3 and Transport Layer...

7.5CVSS7.2AI score0.13718EPSS
Exploits0References3
Debian
Debian
added 2003/04/17 6:44 a.m.28 views

[SECURITY] [DSA 288-1] New OpenSSL packages fix decipher vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 288-1 [email protected] http://www.debian.org/security/ Martin Schulze April 17th, 2003 http://www.debian.org/security/faq -...

9.4AI score
Exploits0
Debian
Debian
added 2003/04/17 6:44 a.m.29 views

[SECURITY] [DSA 288-1] New OpenSSL packages fix decipher vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 288-1 [email protected] http://www.debian.org/security/ Martin Schulze April 17th, 2003 http://www.debian.org/security/faq -...

7.5CVSS0.3AI score0.06393EPSS
Exploits0
OSV
OSV
added 2003/04/17 12:0 a.m.59 views

DSA-288 openssl - several vulnerabilities

Bulletin has no description...

7.5CVSS8.4AI score0.06393EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2003/04/15 1:13 p.m.6 views

Important: Red Hat Security Advisory: openssl security update for Stronghold

Updated versions of Stronghold 3.0 that fix two OpenSSL vulnerabilities are now available. Stronghold 3 contains a number of open source technologies including OpenSSL. Two issues in OpenSSL have recently been discovered: OpenSSL is a commercial-grade, full-featured, and open source toolkit that...

7.5CVSS7.3AI score0.06393EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2003/04/01 3:50 p.m.7 views

Important: Red Hat Security Advisory: : Updated OpenSSL packages fix vulnerabilities

Updated OpenSSL packages are available that fix a potential timing-based attack and a modified Bleichenbacher attack. OpenSSL is a commercial-grade, full-featured, and open source toolkit that implements Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols as well as a...

7.5CVSS7.3AI score0.06393EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2003/03/28 1:43 p.m.8 views

Important: Red Hat Security Advisory: apache, openssl security update for Stronghold

Updated versions of cross-platform Stronghold 4 are available to fix a number of vulnerabilities in OpenSSL and Apache. Stronghold 4 contains various open source technologies such as OpenSSL and Apache. A number of issues have been found in versions of these projects: Researchers discovered a...

7.5CVSS7.3AI score0.17413EPSS
Exploits8References3
RedHat Linux
RedHat Linux
added 2003/03/18 11:1 a.m.13 views

Important: Red Hat Security Advisory: apache, openssl, php security update for Stronghold

Updated versions of Stronghold 3.0 are available to fix a number of vulnerabilities in OpenSSL, Apache, and PHP. Stronghold 3.0 contains a number of open source technologies such as OpenSSL, Apache, and PHP. The following paragraphs describe a number of issues that have been found in versions of...

7.5CVSS7.2AI score0.17413EPSS
Exploits8References2
RedHat Linux
RedHat Linux
added 2003/03/03 9:16 a.m.10 views

Important: Red Hat Security Advisory: apache, openssl, php, tomcat security update for Stronghold

Updated versions of Stronghold 4 cross-platform are available to fix a number of vulnerabilities in OpenSSL, Apache, PHP, and Tomcat. Also included in this update are bug fixes for modproxy and the modauthzldap package. Stronghold 4 cross platform contains a number of open source technologies suc...

7.5CVSS7AI score0.13718EPSS
Exploits7References4
Positive Technologies
Positive Technologies
added 2003/03/03 12:0 a.m.4 views

PT-2003-1004 · Openssl +1 · Openssl +1

Name of the Vulnerable Software and Affected Versions: OpenSSL versions prior to 0.9.6i OpenSSL versions prior to 0.9.7a OpenSSL-0.9.5a OpenSSL-0.9.6b OpenSSL-devel-0.9.5a OpenSSL-devel-0.9.6b OpenSSL-devel-0.9.6 ssleay affected versions not specified Description: The issue is related to multiple...

7.5CVSS9.3AI score0.13718EPSS
Exploits0References44
Tenable Nessus
Tenable Nessus
added 2003/02/20 12:0 a.m.55 views

OpenSSL < 0.9.6j / 0.9.7b Multiple Vulnerabilities

According to its banner, the remote host is using a version of OpenSSL older than 0.9.6j or 0.9.7b. This version is vulnerable to a timing-based attack that could allow an attacker to guess the content of fixed data blocks and may eventually be able to guess the value of the private RSA key of th...

7.5CVSS8.2AI score0.13718EPSS
Exploits0References5
securityvulns
securityvulns
added 2002/09/18 12:0 a.m.32 views

Multiple NetBSD Security Advisories Released/Updated

-----BEGIN PGP SIGNED MESSAGE----- With the release of NetBSD 1.6, the NetBSD project is publishing a batch of Security Advisories some of which are updates, as follows: 2002-006 buffer overrun in libc/libresolv DNS resolver x 2002-007 Repeated TIOCSCTTY ioctl can corrupt session hold counts x...

0.8AI score
Exploits0
Debian
Debian
added 2002/09/17 2:16 p.m.36 views

[SECURITY] [DSA-136-3] Multiple OpenSSL problems (update)

Package : openssl094 Problem type : multiple remote exploits Debian-specific: no CVE : CAN-2002-0655 CAN-2002-0656 CAN-2002-0657 CAN-2002-0659 There was an error in the original openssl094 packages, resulting in an incomplete fix. This error has been corrected in 0.9.4-6.potato.2 and...

5.4AI score
Exploits0
Debian
Debian
added 2002/09/16 3:11 a.m.37 views

[SECURITY] [DSA-136-2] Multiple OpenSSL problems (update)

Package : openssl094, openssl095, openssl Problem type : multiple remote exploits Debian-specific: no CVE : CAN-2002-0655 CAN-2002-0656 CAN-2002-0657 CAN-2002-0659 Note: this advisory is an update to DSA-136-1, issued 30 Jul 2002. It includes ASN1 updates in the woody packages, plus the potato...

6AI score
Exploits0
NVD
NVD
added 2002/08/12 4:0 a.m.22 views

CVE-2002-0656

Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via 1 a large client master key in SSL2 or 2 a large session ID in SSL3...

7.5CVSS7.4AI score0.8982EPSS
Exploits2References12
Tenable Nessus
Tenable Nessus
added 2002/08/05 12:0 a.m.442 views

OpenSSL < 0.9.6e / 0.9.7b3 Multiple Remote Vulnerabilities

The remote service seems to be using a version of OpenSSL that is older than 0.9.6e or 0.9.7-beta3. Such versions are affected by a buffer overflow that may allow an attacker to execute arbitrary commands on the remote host with the privileges of the application itself. TRUSTED...

7.5CVSS6.3AI score0.8982EPSS
Exploits3References6
FreeBSD Advisory
FreeBSD Advisory
added 2002/08/05 12:0 a.m.4 views

FreeBSD-SA-02:33.openssl

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:33.openssl Security Advisory The FreeBSD Project Topic: openssl contains multiple vulnerabilities Category: core Module: crypto/openssl Announced: 2002-08-05 Credits: A.L...

6AI score
Exploits0
RedHat Linux
RedHat Linux
added 2002/07/31 3:58 p.m.5 views

Critical: Red Hat Security Advisory: openssl, mm, mod_ssl security update for Stronghold

A new Stronghold 3 release is available which fixes several serious buffer overflow vulnerabilities in OpenSSL, and local privilege escalation vulnerabilities in MM and modssl. OpenSSL is a commercial-grade, full-featured, and Open Source toolkit which implements the Secure Sockets Layer SSL v2/v...

7.8CVSS6.4AI score0.8982EPSS
Exploits3References1
Cvelist
Cvelist
added 2002/07/31 4:0 a.m.35 views

CVE-2002-0656

Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via 1 a large client master key in SSL2 or 2 a large session ID in SSL3...

9.6AI score0.8982EPSS
Exploits2References12
Rows per page
Query Builder