81 matches found
CVE-2020-28395
A vulnerability has been identified in SCALANCE X-200RNA switch family All versions V3.2.7, SCALANCE X-300 switch family incl. X408 and SIPLUS NET variants All versions V4.1.0. Devices do not create a new unique private key after factory reset. An attacker could leverage this situation to a...
Siemens SCALANCE X-200RNA Switch Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2016-0704)
An oracle protection mechanism in the getclientmasterkey function in s2srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a overwrites incorrect MASTER-KEY bytes during use of export cipher suites, which makes it easier fo...
Siemens SCALANCE X-200RNA Switch Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2016-0703)
The getclientmasterkey function in s2srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a accepts a nonzero CLIENT- MASTER-KEY CLEAR-KEY-LENGTH value for an arbitrary cipher, which allows man-in-the-middle attackers to...
Siemens SCALANCE X-200RNA Switch Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2016-0800)
A cross-protocol attack was discovered that could allow an attacker to decrypt intercepted TLS sessions by using a server supporting SSLv2 as a Bleichenbacher RSA padding oracle. In order to exploit the vulnerability, the attacker must have network access to the affected devices and must be in a...
Siemens SCALANCE X-200RNA Switch Devices Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2016-2176)
The X509NAMEoneline function in crypto/x509/x509obj.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to obtain sensitive information from process stack memory or cause a denial of service buffer over-read via crafted EBCDIC ASN.1 data. This plugin only works with...
Siemens SCALANCE X-200RNA Switch Devices Uncontrolled Resource Consumption (CVE-2016-6307)
The state-machine implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service memory consumption via crafted TLS messages, related to statem/statem.c and statem/statemlib.c. This plugin onl...
Siemens SCALANCE X-200RNA Switch Devices Improper Access Control (CVE-2015-6565)
sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY devices, which allows local users to cause a denial of service terminal disruption or possibly have unspecified other impact by writing to a device, as demonstrated by writing an escape sequence. This plugin only works with...
Siemens SCALANCE X-200RNA Switch Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2016-2183)
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted...
Siemens SCALANCE X-200RNA Switch Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2015-3195)
The ASN1TFLGCOMBINE implementation in crypto/asn1/tasndec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by...
Siemens SCALANCE X-200RNA Switch Devices Resource Management Errors (CVE-2016-2179)
The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of- order messages, which allows remote attackers to cause a denial of service memory consumption by maintaining many crafted DTLS sessions simultaneously, related t...
Siemens SCALANCE X-200RNA Switch Devices NULL Pointer Dereference (CVE-2015-0290)
The multi-block feature in the ssl3writebytes function in s3pkt.c in OpenSSL 1.0.2 before 1.0.2a on 64-bit x86 platforms with AES NI support does not properly handle certain non-blocking I/O cases, which allows remote attackers to cause a denial of service pointer corruption and application crash...
Siemens SCALANCE X-200RNA Switch Devices Comparison of Incompatible Types (CVE-2015-0286)
The ASN1TYPEcmp function in crypto/asn1/atype.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of service invalid read operation and application crash...
Siemens SCALANCE X-200RNA Switch Devices NULL Pointer Dereference (CVE-2015-0289)
The PKCS7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service NULL pointer dereference and application crash by leveraging an applicati...
Siemens SCALANCE X-200RNA Switch Devices Untrusted Search Path (CVE-2015-8325)
The dosetupenv function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pamenvironment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as...
Siemens SCALANCE X-200RNA Switch Devices Out-of-bounds Read (CVE-2016-2180)
The TSOBJprintbio function in crypto/ts/tslib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol TSP implementation in OpenSSL through 1.0.2h allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted time- stamp file that is mishandled b...
Siemens SCALANCE X-200RNA Switch Devices Improper Access Control (CVE-2016-10011)
authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process. This plugin only works with Tenable.ot. Please visi...
Siemens SCALANCE X-200RNA Switch Devices Improper Input Validation (CVE-2015-0293)
The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service s2lib.c assertion failure and daemon exit via a crafted CLIENT-MASTER-KEY message. This plugin only works with Tenable.ot...
Siemens SCALANCE X-200RNA Switch Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2016-2107)
The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability...
Siemens SCALANCE X-200RNA Switch Devices Improper Authentication (CVE-2016-1908)
The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues ...
Siemens SCALANCE X-200RNA Switch Devices Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2016-10012)
The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to t...