Lucene search
K

717 matches found

OSV
OSV
added 2014/02/06 5:44 a.m.1 views

DEBIAN-CVE-2014-1490

Race condition in libssl in Mozilla Network Security Services NSS before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service use-after-free or possibl...

9.3CVSS7.8AI score0.0399EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2014/02/06 5:44 a.m.5 views

CVE-2014-1490

Race condition in libssl in Mozilla Network Security Services NSS before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service use-after-free or possibl...

9.3CVSS7.7AI score0.0399EPSS
Exploits1References38
Debian CVE
Debian CVE
added 2014/02/06 2:0 a.m.26 views

CVE-2014-1490

Race condition in libssl in Mozilla Network Security Services NSS before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service use-after-free or possibl...

9.3CVSS9AI score0.0399EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2012/04/06 12:0 a.m.29 views

Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : gnutls13, gnutls26 vulnerabilities (USN-1418-1)

Alban Crequy discovered that the GnuTLS library incorrectly checked array bounds when copying TLS session data. A remote attacker could crash a client application, leading to a denial of service, as the client application prepared for TLS session resumption. CVE-2011-4128 Matthew Hall discovered...

5CVSS7.5AI score0.04202EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2012/03/27 10:51 p.m.15 views

gnutls: buffer overflow in gnutls_session_get_data() (GNUTLS-SA-2011-2)

Buffer overflow in the gnutlssessiongetdata function in lib/gnutlssession.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service application crash via a large SessionTicket...

4.3CVSS7.5AI score0.02386EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/03/27 10:49 p.m.6 views

gnutls: buffer overflow in gnutls_session_get_data() (GNUTLS-SA-2011-2)

Buffer overflow in the gnutlssessiongetdata function in lib/gnutlssession.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service application crash via a large SessionTicket...

4.3CVSS7.5AI score0.02386EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2012/02/13 12:0 a.m.48 views

FreeBSD Ports: gnutls

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4.3CVSS8.5AI score0.02386EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2011/12/13 12:0 a.m.32 views

SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 7462)

Malicious clients could have downgraded a connection to a low strength cipher suite on session resumption if the server offers such ciphers CVE-2010-4180. This has been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

4.3CVSS6.8AI score0.09497EPSS
Exploits0References2
CVE
CVE
added 2011/12/08 8:0 p.m.89 views

CVE-2011-4128

CVE-2011-4128 affects GnuTLS: a buffer overflow in gnutls_session_get_data in lib/gnutls_session.c can be triggered when a client uses nonstandard session resumption. A remote TLS server can cause an application crash (DoS) by sending a large SessionTicket. Affected are GnuTLS 2.12.x prior to 2.1...

4.3CVSS8.1AI score0.02386EPSS
Exploits0References15Affected Software1
Tenable Nessus
Tenable Nessus
added 2011/11/10 12:0 a.m.38 views

FreeBSD : gnutls -- client session resumption vulnerability (bdec8dc2-0b3b-11e1-b722-001cc0476564)

The GnuTLS team reports : GNUTLS-SA-2011-2 Possible buffer overflow/Denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacques Vidrine and contributors...

4.3CVSS9AI score0.02386EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2011/11/08 12:0 a.m.26 views

gnutls -- client session resumption vulnerability

The GnuTLS team reports: GNUTLS-SA-2011-2 Possible buffer overflow/Denial of service...

4.3CVSS8.7AI score0.02386EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2011/05/04 12:0 a.m.31 views

SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 7463)

Malicious clients could have downgraded a connection to a low strength cipher suite on session resumption if the server offers such ciphers CVE-2010-4180. This has been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

4.3CVSS6.8AI score0.09497EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2011/05/01 11:27 a.m.12 views

Anonymous Vs Sony : Word By Word Q/A b/w Reporters and Sony during Conference !

Anonymous Vs Sony : Word By Word Q/A b/w Reporters and Sony during Conference ! Q. The accuracy of approximately 10 million credit flow A. There is no firm evidence of leakage. Cannot say wether a leak or not. There is no report so far. Q. prospect of resuming services. A. We want to restart the...

6.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/02/07 12:0 a.m.740 views

OpenSSL SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG Session Resume Ciphersuite Downgrade Issue

The version of OpenSSL on the remote host has been shown to allow resuming session with a weaker cipher than was used when the session was initiated. This means that an attacker that sees i.e., by sniffing the start of an SSL connection can manipulate the OpenSSL session cache to cause subsequent...

4.3CVSS6.9AI score0.09497EPSS
Exploits0References2
CVE
CVE
added 2008/05/21 10:0 a.m.77 views

CVE-2008-1948

CVE-2008-1948 affects GnuTLS before 2.2.4. The _gnutls_server_name_recv_params function in libext_server_name.c within libgnutls/gnutls-serv mishandles the Server Names count in TLS 1.0 Client Hello extensions, causing a buffer overflow in session resumption data and potentially a crash or arbitr...

10CVSS8AI score0.12018EPSS
Exploits2References40Affected Software1
RedHat Linux
RedHat Linux
added 2008/05/20 2:56 p.m.2 views

GNUTLS-SA-2008-1-1 GnuTLS buffer overflow

The gnutlsservernamerecvparams function in lib/extservername.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 does not properly calculate the number of Server Names in a TLS 1.0 Client Hello message during extension handling, which allows remote attackers to cause a denial of service crash or...

10CVSS7.8AI score0.12018EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2008/05/20 2:48 p.m.3 views

GNUTLS-SA-2008-1-1 GnuTLS buffer overflow

The gnutlsservernamerecvparams function in lib/extservername.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 does not properly calculate the number of Server Names in a TLS 1.0 Client Hello message during extension handling, which allows remote attackers to cause a denial of service crash or...

10CVSS7.8AI score0.12018EPSS
Exploits2References4
Rows per page
Query Builder