81 matches found
CVE-2020-28395
A vulnerability has been identified in SCALANCE X-200RNA switch family All versions V3.2.7, SCALANCE X-300 switch family incl. X408 and SIPLUS NET variants All versions V4.1.0. Devices do not create a new unique private key after factory reset. An attacker could leverage this situation to a...
Siemens SCALANCE X-200RNA Switch Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2016-0703)
The getclientmasterkey function in s2srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a accepts a nonzero CLIENT- MASTER-KEY CLEAR-KEY-LENGTH value for an arbitrary cipher, which allows man-in-the-middle attackers to...
Siemens SCALANCE X-200RNA Switch Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2016-0800)
A cross-protocol attack was discovered that could allow an attacker to decrypt intercepted TLS sessions by using a server supporting SSLv2 as a Bleichenbacher RSA padding oracle. In order to exploit the vulnerability, the attacker must have network access to the affected devices and must be in a...
Siemens SCALANCE X-200RNA Switch Devices Improper Access Control (CVE-2016-10011)
authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process. This plugin only works with Tenable.ot. Please visi...
Siemens SCALANCE X-200RNA Switch Devices Out-of-bounds Read (CVE-2016-2180)
The TSOBJprintbio function in crypto/ts/tslib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol TSP implementation in OpenSSL through 1.0.2h allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted time- stamp file that is mishandled b...
Siemens SCALANCE X-200RNA Switch Devices Improper Input Validation (CVE-2015-0293)
The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service s2lib.c assertion failure and daemon exit via a crafted CLIENT-MASTER-KEY message. This plugin only works with Tenable.ot...
Siemens SCALANCE X-200RNA Switch Devices NULL Pointer Dereference (CVE-2015-0289)
The PKCS7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service NULL pointer dereference and application crash by leveraging an applicati...
Siemens SCALANCE X-200RNA Switch Devices Cryptographic Issues (CVE-2015-4000)
The TLS protocol 1.2 and earlier, when a DHEEXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHEEXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHEEXPORT and then...
Siemens SCALANCE X-200RNA Switch Devices Untrusted Search Path (CVE-2015-8325)
The dosetupenv function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pamenvironment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as...
Siemens SCALANCE X-200RNA Switch Devices Incorrect Permission Assignment for Critical Resource (CVE-2017-15906)
The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Siemens SCALANCE X-200RNA Switch Devices Integer Overflow or Wraparound (CVE-2016-2177)
OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap- buffer boundary checks, which might allow remote attackers to cause a denial of service integer overflow and application crash or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to...
Siemens SCALANCE X-200RNA Switch Devices Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2015-0292)
Integer underflow in the EVPDecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact v...
Siemens SCALANCE X-200RNA Switch Devices Resource Management Errors (CVE-2016-2109)
The asn1d2ireadbio function in crypto/asn1/ad2ifp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service memory consumption via a short invalid encoding. This plugin only works with Tenable.ot. Please visit...
Siemens SCALANCE X-200RNA Switch Devices NULL Pointer Dereference (CVE-2015-3194)
crypto/rsa/rsaameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an RSA PSS ASN.1 signature that lacks a mask generation function parameter. This plugin only works with Tenable.ot...
Siemens SCALANCE X-200RNA Switch Devices NULL Pointer Dereference (CVE-2015-0288)
The X509toX509REQ function in crypto/x509/x509req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service NULL pointer dereference and application crash via an invalid certificate key. This plugin only works...
Siemens SCALANCE X-200RNA Switch Devices Resource Management Errors (CVE-2016-2179)
The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of- order messages, which allows remote attackers to cause a denial of service memory consumption by maintaining many crafted DTLS sessions simultaneously, related t...
Siemens SCALANCE X-200RNA Switch Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2015-3195)
The ASN1TFLGCOMBINE implementation in crypto/asn1/tasndec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by...
Siemens SCALANCE X-200RNA Switch Devices NULL Pointer Dereference (CVE-2015-0291)
The sigalgs implementation in t1lib.c in OpenSSL 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash by using an invalid signaturealgorithms extension in the ClientHello message during a renegotiation. This plugin only works with...
Siemens SCALANCE X-200RNA Switch Devices Improper Input Validation (CVE-2016-6515)
The authpassword function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service crypt CPU consumption via a long string. This plugin only works with Tenable.ot. Please visit...
Siemens SCALANCE X-200RNA Switch Devices Comparison of Incompatible Types (CVE-2015-0286)
The ASN1TYPEcmp function in crypto/asn1/atype.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of service invalid read operation and application crash...