CVE-2006-2461

BEA WebLogic Server before 8.1 Service Pack 4 does not properly set the Quality of Service in certain circumstances, which prevents some transmissions from being encrypted via SSL, and allows remote attackers to more easily read potentially sensitive network traffic...

CVE-2006-2461

BEA WebLogic Server before 8.1 Service Pack 4 does not properly set the Quality of Service in certain circumstances, which prevents some transmissions from being encrypted via SSL, and allows remote attackers to more easily read potentially sensitive network traffic...

CVE-2006-2461

BEA WebLogic Server prior to 8.1 SP4 has a QoS handling flaw that can prevent SSL-encrypted transmissions, risking exposure of sensitive network traffic. The available documents state the issue and affected version, but do not provide explicit exploit details or a remediation path; no additional ...

Encryption can not hold back my website to access in one step!- Vulnerability warning-the black bar safety net

Now use the SSL encryption technology of the web, more and more users access such pages, the first thing encountered is a security warning dialog box to inform visitors of the security certificates of the related information as shown in Figure 1）。 The user only click“Yes”button to continue for a...

[SECURITY] [DSA 896-1] New ftpd-ssl packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 896-1 [email protected] http://www.debian.org/security/ Martin Schulze November 15th, 2005 http://www.debian.org/security/faq -...

POP3 Cleartext Logins Permitted

The remote host is running a POP3 daemon that allows cleartext logins over unencrypted connections. An attacker can uncover user names and passwords by sniffing traffic to the POP3 daemon if a less secure authentication mechanism eg, USER command, AUTH PLAIN, AUTH LOGIN is used. Note: This plugin...

CVE-2004-0779

The 1 Mozilla 1.6, 2 Firebird 0.7 and 3 Firefox 0.8 web browsers do not properly verify that cached passwords for SSL encrypted sites are only sent via SSL encrypted sessions to the site, which allows a remote attacker to cause a cached password to be sent in cleartext to a spoofed site...

CVE-2004-0779

The 1 Mozilla 1.6, 2 Firebird 0.7 and 3 Firefox 0.8 web browsers do not properly verify that cached passwords for SSL encrypted sites are only sent via SSL encrypted sessions to the site, which allows a remote attacker to cause a cached password to be sent in cleartext to a spoofed site...

Important: Red Hat Security Advisory: stunnel security update

Updated stunnel packages are now available. These updates address problems stemming from improper use of non-reentrant functions in signal handlers. Stunnel is a wrapper for network connections. It can be used to tunnel an unencrypted network connection over an encrypted connection encrypted usin...

Important: Red Hat Security Advisory: stunnel security update

Updated stunnel packages are now available. These updates correct a potential vulnerability in stunnel's signal handling. Stunnel is a wrapper for network connections. It can be used to tunnel an unencrypted network connection over a secure connection encrypted using SSL or TLS or to provide a...

Sambar Server Cleartext Password Transmission

The remote Sambar server allows users to log in without using SSL. A man-in-the-middle attacker can exploit this to capture the passwords of the users of this server. The attacker can then use these to access the web mail accounts and modify the web pages on behalf of the users of the system. C...

Sun SunPCi II VNC Software 2.3 - Password Disclosure

Sun SunPCi II VNC Software 2.3 - Password Disclosure // source: https://www.securityfocus.com/bid/5146/info The SunPCi II card is a co-processor for a number of Solaris based systems, and provides PC software compatibility, including the ability to run Microsoft Windows. Driver software is...

Sun SunPCi II VNC Software 2.3 - Password Disclosure

// source: https://www.securityfocus.com/bid/5146/info The SunPCi II card is a co-processor for a number of Solaris based systems, and provides PC software compatibility, including the ability to run Microsoft Windows. Driver software is available for the SunPCi card, including a Virtual Network...

Stunnel: Format String Bug in versions <3.22

Don't know why this didn't get approved when I submitted it last week, but here goes again... Release Date: 2001-Dec-22 Package: stunnel Versions: stunnel-3.3 = stunnel-3.21c Problem type: format string bugs Exploit script: none currently known Severity: high Network-accessible: yes Discovery:...

FreeBSD-SA-01:05.stunnel

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:05 Security Advisory FreeBSD, Inc. Topic: stunnel contains potential remote compromise Category: ports Module: stunnel Announced: 2001-01-15 Credits: Lez , Brian Hatch...

CVE-1999-0007

Technical details for CVE-1999-0007 are not publicly available in the provided documents. Monitor for updates from authoritative sources.

CVE-1999-0007

Information from SSL-encrypted sessions via PKCS 1...