507 matches found
[Full-Disclosure] [OpenSSL Advisory] Vulnerabilities in ASN.1 parsing
-----BEGIN PGP SIGNED MESSAGE----- OpenSSL Security Advisory 30 September 2003 Vulnerabilities in ASN.1 parsing ================================ NISCC www.niscc.gov.uk prepared a test suite to check the operation of SSL/TLS software when presented with a wide range of malformed client certificate...
Important: Red Hat Security Advisory: : : : Updated OpenSSL packages fix vulnerabilities
Updated OpenSSL packages that fix potential timing-based and modified Bleichenbacher attacks are available for Red Hat Linux on IBM iSeries and pSeries systems. OpenSSL is a commercial-grade, full-featured, and open source toolkit that implements Secure Sockets Layer SSL v2/v3 and Transport Layer...
[SECURITY] [DSA 288-1] New OpenSSL packages fix decipher vulnerability
-------------------------------------------------------------------------- Debian Security Advisory DSA 288-1 [email protected] http://www.debian.org/security/ Martin Schulze April 17th, 2003 http://www.debian.org/security/faq -...
[SECURITY] [DSA 288-1] New OpenSSL packages fix decipher vulnerability
-------------------------------------------------------------------------- Debian Security Advisory DSA 288-1 [email protected] http://www.debian.org/security/ Martin Schulze April 17th, 2003 http://www.debian.org/security/faq -...
DSA-288 openssl - several vulnerabilities
Bulletin has no description...
Important: Red Hat Security Advisory: openssl security update for Stronghold
Updated versions of Stronghold 3.0 that fix two OpenSSL vulnerabilities are now available. Stronghold 3 contains a number of open source technologies including OpenSSL. Two issues in OpenSSL have recently been discovered: OpenSSL is a commercial-grade, full-featured, and open source toolkit that...
Important: Red Hat Security Advisory: : Updated OpenSSL packages fix vulnerabilities
Updated OpenSSL packages are available that fix a potential timing-based attack and a modified Bleichenbacher attack. OpenSSL is a commercial-grade, full-featured, and open source toolkit that implements Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols as well as a...
Important: Red Hat Security Advisory: apache, openssl security update for Stronghold
Updated versions of cross-platform Stronghold 4 are available to fix a number of vulnerabilities in OpenSSL and Apache. Stronghold 4 contains various open source technologies such as OpenSSL and Apache. A number of issues have been found in versions of these projects: Researchers discovered a...
Important: Red Hat Security Advisory: apache, openssl, php security update for Stronghold
Updated versions of Stronghold 3.0 are available to fix a number of vulnerabilities in OpenSSL, Apache, and PHP. Stronghold 3.0 contains a number of open source technologies such as OpenSSL, Apache, and PHP. The following paragraphs describe a number of issues that have been found in versions of...
Important: Red Hat Security Advisory: apache, openssl, php, tomcat security update for Stronghold
Updated versions of Stronghold 4 cross-platform are available to fix a number of vulnerabilities in OpenSSL, Apache, PHP, and Tomcat. Also included in this update are bug fixes for modproxy and the modauthzldap package. Stronghold 4 cross platform contains a number of open source technologies suc...
PT-2003-1004 · Openssl +1 · Openssl +1
Name of the Vulnerable Software and Affected Versions: OpenSSL versions prior to 0.9.6i OpenSSL versions prior to 0.9.7a OpenSSL-0.9.5a OpenSSL-0.9.6b OpenSSL-devel-0.9.5a OpenSSL-devel-0.9.6b OpenSSL-devel-0.9.6 ssleay affected versions not specified Description: The issue is related to multiple...
OpenSSL < 0.9.6j / 0.9.7b Multiple Vulnerabilities
According to its banner, the remote host is using a version of OpenSSL older than 0.9.6j or 0.9.7b. This version is vulnerable to a timing-based attack that could allow an attacker to guess the content of fixed data blocks and may eventually be able to guess the value of the private RSA key of th...
Multiple NetBSD Security Advisories Released/Updated
-----BEGIN PGP SIGNED MESSAGE----- With the release of NetBSD 1.6, the NetBSD project is publishing a batch of Security Advisories some of which are updates, as follows: 2002-006 buffer overrun in libc/libresolv DNS resolver x 2002-007 Repeated TIOCSCTTY ioctl can corrupt session hold counts x...
[SECURITY] [DSA-136-3] Multiple OpenSSL problems (update)
Package : openssl094 Problem type : multiple remote exploits Debian-specific: no CVE : CAN-2002-0655 CAN-2002-0656 CAN-2002-0657 CAN-2002-0659 There was an error in the original openssl094 packages, resulting in an incomplete fix. This error has been corrected in 0.9.4-6.potato.2 and...
[SECURITY] [DSA-136-2] Multiple OpenSSL problems (update)
Package : openssl094, openssl095, openssl Problem type : multiple remote exploits Debian-specific: no CVE : CAN-2002-0655 CAN-2002-0656 CAN-2002-0657 CAN-2002-0659 Note: this advisory is an update to DSA-136-1, issued 30 Jul 2002. It includes ASN1 updates in the woody packages, plus the potato...
CVE-2002-0656
Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via 1 a large client master key in SSL2 or 2 a large session ID in SSL3...
OpenSSL < 0.9.6e / 0.9.7b3 Multiple Remote Vulnerabilities
The remote service seems to be using a version of OpenSSL that is older than 0.9.6e or 0.9.7-beta3. Such versions are affected by a buffer overflow that may allow an attacker to execute arbitrary commands on the remote host with the privileges of the application itself. TRUSTED...
FreeBSD-SA-02:33.openssl
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:33.openssl Security Advisory The FreeBSD Project Topic: openssl contains multiple vulnerabilities Category: core Module: crypto/openssl Announced: 2002-08-05 Credits: A.L...
Critical: Red Hat Security Advisory: openssl, mm, mod_ssl security update for Stronghold
A new Stronghold 3 release is available which fixes several serious buffer overflow vulnerabilities in OpenSSL, and local privilege escalation vulnerabilities in MM and modssl. OpenSSL is a commercial-grade, full-featured, and Open Source toolkit which implements the Secure Sockets Layer SSL v2/v...
CVE-2002-0656
Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via 1 a large client master key in SSL2 or 2 a large session ID in SSL3...