Lucene search
K

117 matches found

NVD
NVD
added 2014/02/18 12:55 a.m.24 views

CVE-2014-0627

The SSLEngine API implementation in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to trigger the selection of a weak cipher suite by using the wrap method during a certain incomplete-handshake state...

5CVSS6.6AI score0.01531EPSS
Exploits0References1
Prion
Prion
added 2014/02/18 12:55 a.m.17 views

Design/Logic Flaw

The SSLEngine API implementation in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to trigger the selection of a weak cipher suite by using the wrap method during a certain incomplete-handshake state...

5CVSS7.2AI score0.01531EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2014/02/18 12:0 a.m.29 views

CVE-2014-0627

The SSLEngine API implementation in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to trigger the selection of a weak cipher suite by using the wrap method during a certain incomplete-handshake state...

6.6AI score0.01531EPSS
Exploits0References1
CVE
CVE
added 2014/02/18 12:0 a.m.52 views

CVE-2014-0627

Summary: CVE-2014-0627 affects EMC RSA BSAFE SSL-J (SSL-J) 5.x before 5.1.3 and 6.x before 6.0.2. The SSLEngine API can reveal information by using the wrap method after the Finished message in an incomplete handshake, potentially allowing an attacker to trigger a weak cipher suite. Impact: Infor...

5CVSS6.8AI score0.01531EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2013/09/08 4:0 p.m.24 views

CVE-2013-0531

The SSL implementation in IBM Security AppScan Enterprise before 8.7.0.1 enables cipher suites with weak encryption algorithms, which makes it easier for remote attackers to obtain sensitive information by sniffing the network...

5.8AI score0.00721EPSS
Exploits1References2
NVD
NVD
added 2012/06/17 3:41 a.m.19 views

CVE-2012-2668

libraries/libldap/tlsm.c in OpenLDAP, possibly 2.4.31 and earlier, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote attackers to obtain sensitive...

4.3CVSS9.4AI score0.04114EPSS
Exploits0References15
Atlassian
Atlassian
added 2012/03/27 6:46 p.m.17 views

Improve the default SSL cipherset in standalone JIRA setup

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-27681. panel We are concerned about 'SSL Weak Cipher Suites Supported' and 'SSL Medium Strength Cipher Suites Suppored'. Any suggestions wou...

0.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/03/27 6:46 p.m.21 views

Improve the default SSL cipherset in standalone JIRA setup

We are concerned about 'SSL Weak Cipher Suites Supported' and 'SSL Medium Strength Cipher Suites Suppored'. Any suggestions would be helpful...

1.4AI score
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2012/03/01 12:0 a.m.1972 views

SSL/TLS: Report Weak Cipher Suites

This routine reports all weak SSL/TLS cipher suites accepted by a service. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.1AI score0.9986EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2012/03/01 12:0 a.m.237 views

SSL/TLS: Report Non Weak Cipher Suites

This routine reports all Non Weak SSL/TLS cipher suites accepted by a service. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2011/01/28 12:0 a.m.290 views

Huawei HG default WEP/WPA generator

Hi, Huawei HG520 and HG530 routers are vulnerable to weak cipher attacks. It is possible to generate the default WEP/WPA key from the MAC address. The following documents detail the process of developing a key generator for these devices. English: http://websec.ca/blog/view/mac2wepkeyhuawei Espao...

1.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/10/08 12:0 a.m.460 views

SSL Weak Cipher Suites Supported

The remote host supports the use of SSL ciphers that offer weak encryption. Note: This is considerably easier to exploit if the attacker is on the same physical network. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid26928; scriptversion"1.31";...

5.4AI score
Exploits0References1
CVE
CVE
added 2006/11/30 4:0 p.m.60 views

CVE-2006-4407

CVE-2006-4407 affects Apple Mac OS X Security Framework Secure Transport. The issue arises when negotiating the strongest shared cipher: due to an incorrect priority order, Secure Transport may choose a weaker cipher, potentially enabling a remote attacker to decrypt traffic. Documents consistent...

5CVSS6AI score0.01724EPSS
Exploits2References9Affected Software1
Cvelist
Cvelist
added 2006/06/24 1:0 a.m.16 views

CVE-2006-3204

Ultimate PHP Board UPB 1.9.6 and earlier uses a cryptographically weak block cipher with a large key collision space, which allows remote attackers to determine a suitable decryption key given the plaintext and ciphertext by obtaining the plaintext password, which is sent when logging in, and the...

6.7AI score0.01811EPSS
Exploits1References3
Prion
Prion
added 2006/03/23 11:6 a.m.16 views

Design/Logic Flaw

The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server OES sometimes selects a weak cipher instead of an available stronger cipher, which makes it easier for remote attackers to sniff and decrypt an SSL protected session...

5CVSS7.2AI score0.0313EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2006/03/23 11:0 a.m.56 views

CVE-2006-0998

The CVE-2006-0998 issue affects Novell NetWare 6.5 and Novell Open Enterprise Server (OES) where the SSL server implementation in NILE.NLM can select a weak cipher instead of an available stronger cipher. This weak cipher choice enables remote attackers to sniff and potentially decrypt SSL sessio...

5CVSS6.7AI score0.0313EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2006/03/23 11:0 a.m.27 views

CVE-2006-0998

The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server OES sometimes selects a weak cipher instead of an available stronger cipher, which makes it easier for remote attackers to sniff and decrypt an SSL protected session...

6.7AI score0.0313EPSS
Exploits0References9
Rows per page
Query Builder