Mac OS X : Cisco AnyConnect Secure Mobility Client 2.x / 3.x < 3.1(5170) Multiple OpenSSL Vulnerabilities

The remote host has a version of Cisco AnyConnect prior to 3.15170. It is, therefore, potentially affected by the following vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow nonce disclosure via the...

Cisco AnyConnect Secure Mobility Client 2.x / 3.x < 3.1(5170) Multiple OpenSSL Vulnerabilities

The remote host has a version of Cisco AnyConnect prior to 3.15170. It is, therefore, potentially affected by the following vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow nonce disclosure via the...

HP System Management Homepage < 7.2.4.1 / 7.3.3.1 OpenSSL Multiple Vulnerabilities

According to the web server's banner, the version of HP System Management Homepage SMH hosted on the remote web server has an implementation of the OpenSSL library that is affected by the following vulnerabilities : - An error exists in the ssl3readbytes function that allows data to be injected...

Cisco Windows Jabber Client Multiple Vulnerabilities in OpenSSL (cisco-sa-20140605-openssl)

The remote Windows host has a version of Cisco Jabber installed that is known to be affected by multiple OpenSSL related vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow nonce disclosure via the 'FLUSH+RELOA...

Cisco TelePresence MCU Series Devices Multiple Vulnerabilities in OpenSSL

The remote Cisco TelePresence MCU device is running a software version known to be affected by multiple OpenSSL related vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow nonce disclosure via the 'FLUSH+RELOAD...

Cisco ONS 15400 Series Devices Multiple Vulnerabilities in OpenSSL

The remote Cisco ONS device is running a software version known to be affected by multiple OpenSSL related vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow nonce disclosure via the 'FLUSH+RELOAD' cache...

IBM Global Security Kit 7 < 7.0.4.50 / 8.0.14.x < 8.0.14.43 / 8.0.50.x < 8.0.50.20 Multiple Vulnerabilities (Linux)

The remote Linux host has a version of IBM Global Security Kit prior to 7.0.4.50 / 8.0.14.43 / 8.0.50.20. It is, therefore, affected by the following vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow nonce...

IBM Global Security Kit 7 < 7.0.4.50 / 8.0.14.x < 8.0.14.43 / 8.0.50.x < 8.0.50.20 Multiple Vulnerabilities

The remote Windows host has a version of IBM Global Security Kit prior to 7.0.4.50 / 8.0.14.43 / 8.0.50.20. It is, therefore, affected by the following vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow nonce...

VMware Workstation 10.x < 10.0.2 OpenSSL Library Multiple Vulnerabilities (VMSA-2014-0004) (Heartbleed)

The version of VMware Workstation installed on the remote host is version 10.x prior to 10.0.2. It is, therefore, reportedly affected by the following vulnerabilities in the OpenSSL library : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA...

98% of SSL enabled websites still using SHA-1 based weak Digital Certificates

The National Institute of Standards and Technology NIST had published a document on Jan 2011 that the SHA-1 algorithm will be risky and should be disallowed after year 2013, but it was recently noticed by Netcraft experts that NIST.gov website itself were using 2014 dated SSL certificate with SHA...

Fedora Update for perl-Crypt-DSA FEDORA-2013-15786

Check for the Version of perl-Crypt-DSA OpenVAS Vulnerability Test Fedora Update for perl-Crypt-DSA FEDORA-2013-15786 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

Fedora Update for perl-Crypt-DSA FEDORA-2013-15755

Check for the Version of perl-Crypt-DSA OpenVAS Vulnerability Test Fedora Update for perl-Crypt-DSA FEDORA-2013-15755 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

[SECURITY] Fedora 18 Update: perl-Crypt-DSA-1.17-10.fc18

Crypt::DSA is an implementation of the DSA Digital Signature Algorithm signature verification system. This package provides DSA signing, signature verification, and key generation...

[SECURITY] Fedora 19 Update: perl-Crypt-DSA-1.17-10.fc19

Crypt::DSA is an implementation of the DSA Digital Signature Algorithm signature verification system. This package provides DSA signing, signature verification, and key generation...

Six Security Flaws Fixed in BIND 9.9.2

A new version of the BIND DNS server software is available, fixing six security vulnerabilities and a long list of other bugs. BIND 9.9.2-P1 is mainly a security update and most of the issues it fixes are crashes and not remote code execution flaws. BIND is the overwhelming leader in market share...

DEBIAN-CVE-2011-0766

The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys...

HTTP SSL Certificate Information

Parse the server SSL certificate to obtain the common name and signature algorithm...

ssl-cert NSE Script

Retrieves a server's SSL certificate. The amount of information printed about the certificate depends on the verbosity level. With no extra verbosity, the script prints the validity period and the commonName, organizationName, stateOrProvinceName, and countryName of the subject. 443/tcp open http...

Mozilla NSS NULL Character CA SSL Certificate Validation Security Bypass

Exploit for unknown platform in category remote exploits ====================================================================================== Mozilla NSS NULL Character CA SSL Certificate Validation Security Bypass Vulnerability...

[SECURITY] Fedora 10 Update: perl-Crypt-OpenSSL-DSA-0.13-12.fc10

Crypt::OpenSSL::DSA - Digital Signature Algorithm using OpenSSL...