Lucene search

273 matches found

Citrix
added 2023/08/14 12:0 a.m., 12 views

SSL handshake failure when client hello contains cipher suite "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"

During the SSL handshake process in the packet trace: 1. After the client sends a "Client Hello" containing the cipher suite "TLS_EMPTY_RENEGOTIATION_INFO_SCSV" to NetScaler, NetScaler replies with "Server Hello", "Certificate", "Server Key Exchange" and "Server Hello Done" to the client. Refer to pic. 1. 2. The client replies...

7.1 AI score
Exploits: 0

SUSE CVE
added 2023/02/15 6:3 a.m., 3 views

SUSE CVE-2009-2063

Opera, possibly before 9.25, processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying this CONNECT response to specify a 302 redirect to an arbitrary https web site...

6.8 CVSS, 7.3 AI score, 0.01415 EPSS
Exploits: 1, References: 4

SUSE CVE
added 2023/02/15 5:29 a.m., 3 views

SUSE CVE-2014-3430

Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consumption) via an incomplete SSL/TLS handshake for an IMAP/POP3 connection...

5 CVSS, 6.9 AI score, 0.03331 EPSS
Exploits: 0, References: 3

SUSE CVE
added 2023/02/15 5:16 a.m., 4 views

SUSE CVE-2015-5262

http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service (HTTPS call hang) via unspecified vectors...

7.5 CVSS, 6.9 AI score, 0.19312 EPSS
Exploits: 0, References: 9

IBM Security Bulletins
added 2022/09/08 12:26 a.m., 97 views

Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 8.0.0.9

Summary: Cross reference list for security vulnerabilities fixed in IBM WebSphere Application Server 8.0.0.9 and IBM WebSphere Application Server Hypervisor 8.0.0.9. Vulnerability Details: CVE ID: CVE-2013-6323 PI04777 and PI04880 DESCRIPTION: The Administration Console of IBM WebSphere Application...

8.5 CVSS, 8.5 AI score, 0.83175 EPSS
Exploits: 13, Affected Software: 3

IBM Security Bulletins
added 2022/09/08 12:26 a.m., 38 views

Security Bulletin: Potential Denial of service vulnerability in IBM HTTP Server (CVE-2013-6329)

Summary: A potential denial of service vulnerability in SSL handshake processing in IBM HTTP Server (IHS). Vulnerability Details: CVEID: CVE-2013-6329 Description: Potential denial of service in SSL handshake processing. CVSS Base Score: 7.1 CVSS Temporal Score: See...

7.8 CVSS, 8.9 AI score, 0.03159 EPSS
Exploits: 1, Affected Software: 3

Citrix
added 2022/07/29 12:0 a.m., 7 views

Citrix ADC occasionally not sending SNI to backend server in Client Hello

When server-side SNI + Common Name is enabled on ADC through SSL service configuration or an SSL profile, you may sporadically find ADC not sending SNI to the backend server, which may cause a backend SSL handshake failure...

7 AI score
Exploits: 0

OSV
added 2022/07/14 4:0 p.m., 8 views

CLSA-2022-1657814447 Fix CVE(s): CVE-2021-23214

SECURITY UPDATE: MITM attack introducing arbitrary SQL queries - debian/patches/CVE-2021-23214.patch: Raise error if data was received during SSL handshake - CVE-2021-23214...

8.1 CVSS, 7.1 AI score, 0.01901 EPSS
Exploits: 0, References: 1

RedHat Linux
added 2022/05/10 1:41 p.m., 4 views

postgresql: server processes unencrypted bytes from man-in-the-middle

It was found that a PostgreSQL server could accept plain text data during the establishment of an SSL connection. When a user is requesting a certificate based authentication, an active Person in the Middle could use this flaw in order to inject arbitrary SQL commands...

8.1 CVSS, 6.9 AI score, 0.01901 EPSS
Exploits: 0, References: 4

IBM Security Bulletins
added 2022/04/11 3:7 p.m., 49 views

Security Bulletin: Open Source OpenSSL, GNUTls, RHEL CVE-2016-8610 'SSL-Death-Alert' affects IBM Cisco switches and directors.

Summary: Open Source OpenSSL is used by IBM Cisco switches and directors. IBM Cisco switches and directors have addressed the CVE. Vulnerability Details: Relevant CVE Information: CVEID: CVE-2016-8610 DESCRIPTION: SSL/TLS protocol is vulnerable to a denial of service, caused by an error when...

7.5 CVSS, 0.9 AI score, 0.39657 EPSS
Exploits: 1, Affected Software: 10

OSV
added 2021/11/22 8:40 a.m., 5 views

OPENSUSE-SU-2021:3759-1 Security update for postgresql14

This update for postgresql14 fixes the following issues: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake bsc1192516. - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake bsc1192516. - Let rpmlint ignore...

8.1 CVSS, 6.9 AI score, 0.01901 EPSS
Exploits: 0, References: 5

OSV
added 2021/11/22 8:36 a.m., 4 views

SUSE-SU-2021:3757-1 Security update for postgresql96

This update for postgresql96 fixes the following issues: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake bsc1192516. - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake bsc1192516...

8.1 CVSS, 6.9 AI score, 0.01901 EPSS
Exploits: 0, References: 4

OPENSUSE Linux
added 2021/11/22 12:0 a.m., 40 views

Security update for barrier (moderate)

openSUSE Security Update: Security update for barrier Announcement ID: openSUSE-SU-2021:1498-1 Rating: moderate References: Cross-References: CVE-2021-42072 CVE-2021-42073 Affected Products: openSUSE Leap 15.2 An update that fixes two vulnerabilities is now available. Description: This update for...

8.8 CVSS, 7.1 AI score, 0.01601 EPSS
Exploits: 2

Tenable Nessus
added 2021/08/25 12:0 a.m., 37 views

Cisco Web Security Appliance (WSA) Server Name Identification Data Exfiltration (cisco-sa-sni-data-exfil-mFgzXqLN)

According to its self-reported version, Cisco Web Security Appliance (WSA) is affected by a vulnerability in Server Name Identification (SNI) request filtering that allows an unauthenticated, remote attacker to bypass filtering technology on an affected device and exfiltrate data from a compromised...

8.6 CVSS, 6.7 AI score, 0.01684 EPSS
Exploits: 0, References: 3

BDU FSTEC
added 2021/08/20 12:0 a.m., 7 views

The vulnerability of the Server Name Identification (SNI) component of the Cisco Web Security Appliance internet server, the micro-programming software for Cisco Firepower Threat Defense network firewalls, and the intrusion detection systems allows a malicious actor to gain full control over the compromised host and unauthorized access to protected information.

The vulnerability of the Server Name Identification (SNI) component of the Cisco Web Security Appliance internet server, as well as the micro-programming software for Cisco Firepower Threat Defense and the intrusion detection system Snort, is related to SSL handshake filtering errors. Exploiting th...

5.8 CVSS, 6.5 AI score, 0.01684 EPSS
Exploits: 0, References: 4, Affected Software: 2

NVD
added 2021/08/18 8:15 p.m., 24 views

CVE-2021-34749

A vulnerability in Server Name Identification (SNI) request filtering of Cisco Web Security Appliance (WSA), Cisco Firepower Threat Defense (FTD), and the Snort detection engine could allow an unauthenticated, remote attacker to bypass filtering technology on an affected device and exfiltrate data from...

8.6 CVSS, 0.01684 EPSS
Exploits: 0, References: 3

OSV
added 2021/08/18 8:15 p.m., 2 views

CVE-2021-34749

A vulnerability in Server Name Identification (SNI) request filtering of Cisco Web Security Appliance (WSA), Cisco Firepower Threat Defense (FTD), and the Snort detection engine could allow an unauthenticated, remote attacker to bypass filtering technology on an affected device and exfiltrate data from...

8.6 CVSS, 6.3 AI score, 0.01684 EPSS
Exploits: 0, References: 3

Prion
added 2021/08/18 8:15 p.m., 32 views

Command injection

A vulnerability in Server Name Identification (SNI) request filtering of Cisco Web Security Appliance (WSA), Cisco Firepower Threat Defense (FTD), and the Snort detection engine could allow an unauthenticated, remote attacker to bypass filtering technology on an affected device and exfiltrate data from...

5 CVSS, 8.5 AI score, 0.01684 EPSS
Exploits: 0, References: 3, Affected Software: 3

Cvelist
added 2021/08/18 7:40 p.m., 33 views

CVE-2021-34749 Multiple Cisco Products Server Name Identification Data Exfiltration Vulnerability

A vulnerability in Server Name Identification (SNI) request filtering of Cisco Web Security Appliance (WSA), Cisco Firepower Threat Defense (FTD), and the Snort detection engine could allow an unauthenticated, remote attacker to bypass filtering technology on an affected device and exfiltrate data from...

5.8 CVSS, 8.8 AI score, 0.01684 EPSS
Exploits: 0, References: 3

Positive Technologies
added 2021/08/18 12:0 a.m., 2 views

PT-2021-3823 · Cisco · Snort +2

Name of the Vulnerable Software and Affected Versions: Cisco Web Security Appliance (affected versions not specified), Cisco Firepower Threat Defense (affected versions not specified), Snort detection engine (affected versions not specified). Description: A vulnerability in Server Name Identification (SNI)...

8.6 CVSS, 5.9 AI score, 0.02367 EPSS
Exploits: 0, References: 42