CVE-2019-6485

Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 and Application Delivery Controller ADC 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10....

CVE-2019-6485

Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 and Application Delivery Controller ADC 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10....

CVE-2019-6485

Citrix ADC/NetScaler Gateway TLS Padding Oracle (CVE-2019-6485) affects Citrix ADC/NetScaler Gateway versions prior to: 12.1 build 50.31, 12.0 build 60.9, 11.1 build 60.14, 11.0 build 72.17, and 10.5 build 69.5. The vulnerability exposes plaintext data from TLS traffic when CBC-based cipher suite...

FreeBSD : OpenSSL -- Padding oracle vulnerability (7700061f-34f7-11e9-b95c-b499baebfeaf)

The OpenSSL project reports : 0-byte record padding oracle CVE-2019-1559 Moderate If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte...

OpenSSL -- Padding oracle vulnerability

The OpenSSL project reports: 0-byte record padding oracle CVE-2019-1559 Moderate If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte...

Security Bulletin: Vulnerabilities in SSLv3 and OpenSSL affect System x Integrated Management Module (IMM1) (CVE-2014-3566, CVE-2014-3568)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. This bulletin addresses the POODLE issue which affected the IMM1 as well as another issue in OpenSSL disclosed in October 2014. Vulnerability Details Abstract SSLv...

Citrix NetScaler Gateway TLS Padding Oracle Vulnerability (CTX240139)

The remote Citrix NetScaler device is affected by a TLS padding oracle vulnerability. An attacker may be able to leverage this vulnerability to decrypt TLS traffic. Please refer to advisory CTX240139 for more information. Note appliances with all CBC-based ciphers disabled are not affected by thi...

CVE-2019-6485 - TLS Padding Oracle Vulnerability in Citrix Application Delivery Controller (ADC) and NetScaler Gateway

Description of Problem A vulnerability has been identified in the Citrix Application Delivery Controller ADC formally known as NetScaler ADC and NetScaler Gateway platforms using hardware acceleration that could allow an attacker to exploit the appliance to decrypt TLS traffic. This vulnerability...

Padding Oracle Attack

httpd is vulnerable to padding oracle attack. It was discovered that the modsessioncrypto module of httpd did not use any mechanisms to verify integrity of the encrypted session data stored in the user's browser. A remote attacker could use this flaw to decrypt and modify session data using a...

Information Leakage

The GnuTLS library is susceptible to information leakage. When CBC-mode cipher is used, attacker can use a TLS/SSL server as a padding oracle to decrypt the encrypted packets...

USN-3850-1 nss vulnerabilities

Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. CVE-2018-0495 It was discovered that NSS incorrectly handled certain v2-compatible ClientHello messages. A remo...

Apache 2.4.x < 2.4.25 Multiple Vulnerabilities (httpoxy)

According to its banner, the version of Apache running on the remote host is 2.4.x prior to 2.4.25. It is, therefore, affected by the following vulnerabilities : - A flaw exists in the modsessioncrypto module due to encryption for data and cookies using the configured ciphers with possibly either...

Security Bulletin: Securing your products against OpenSSL and TLS vulnerabilities

Question Security Bulletin: Securing your products against OpenSSL and TLS vulnerabilities Answer IN THIS ARTICLE Abstract Vulnerability Details Affected products and versions Remediation apache 2.2 Nginx asperanoded asperahttpd Cygwin-SSH server Abstract OpenSSL vulnerabilities are disclosed by...

Padding Oracle Attack

OpenSSL is vulnerable to padding oracle attacks. The library does not properly validate the RSA padding which allows microarchitectural and timing side channel attacks...

Cross site scripting

A Bleichenbacher type side-channel based padding oracle attack was found in the way nettle handles endian conversion of RSA decrypted PKCS1 v1.5 data. An attacker who is able to run a process on the same physical core as the victim process, could use this flaw extract plaintext or in some cases...

DEBIAN-CVE-2018-16869

A Bleichenbacher type side-channel based padding oracle attack was found in the way nettle handles endian conversion of RSA decrypted PKCS1 v1.5 data. An attacker who is able to run a process on the same physical core as the victim process, could use this flaw extract plaintext or in some cases...

UBUNTU-CVE-2018-16869

A Bleichenbacher type side-channel based padding oracle attack was found in the way nettle handles endian conversion of RSA decrypted PKCS1 v1.5 data. An attacker who is able to run a process on the same physical core as the victim process, could use this flaw extract plaintext or in some cases...

DEBIAN-CVE-2018-16868

A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS1 v1.5 data. An attacker who is able to run process on the same physical core as the victim process, could use this to extract plaintext or in some cases downgrade...

CVE-2018-16869

A Bleichenbacher type side-channel based padding oracle attack was found in the way nettle handles endian conversion of RSA decrypted PKCS1 v1.5 data. An attacker who is able to run a process on the same physical core as the victim process, could use this flaw extract plaintext or in some cases...

CVE-2018-16868

A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS1 v1.5 data. An attacker who is able to run process on the same physical core as the victim process, could use this to extract plaintext or in some cases downgrade...