17 matches found
RHEL 7 : erlang (RHSA-2018:0242)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0242 advisory. Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault...
RHEL 7 : erlang (RHSA-2018:0528)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0528 advisory. Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault...
Oracle Linux 7 : nss, / nss-softokn, / nss-util, / and / nspr (ELSA-2019-2237)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2237 advisory. nspr 4.21.0-1 - Rebase to NSPR 4.21 nss 3.44.0-4 - Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa 3.44.0-3 ...
Debian: Security Advisory (DLA-1207-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-12404
A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack AKA Bleichenbacher attack and affects all NSS versions prior to NSS 3.41...
Amazon Linux AMI : nss, nss-softokn, nss-util, nspr (ALAS-2020-1355)
The version of nspr installed on the remote host is prior to 4.21.0-1.43. The version of nss installed on the remote host is prior to 3.44.0-7.84. The version of nss-softokn installed on the remote host is prior to 3.44.0-8.44. The version of nss-util installed on the remote host is prior to...
EulerOS 2.0 SP5 : nss (EulerOS-SA-2019-2174)
According to the version of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the...
EulerOS 2.0 SP5 : nss-softokn (EulerOS-SA-2019-1979)
According to the version of the nss-softokn packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of...
CVE-2018-12404
A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack AKA Bleichenbacher attack and affects all NSS versions prior to NSS 3.41...
Scanner for Bleichenbacher Oracle in RSA PKCS #1 v1.5
Some TLS implementations handle errors processing RSA key exchanges and encryption PKCS 1 v1.5 messages in a broken way that leads an adaptive chosen-chiphertext attack. Attackers cannot recover a server's private key, but they can decrypt and sign messages with it. A strong oracle occurs when th...
Updated erlang packages fix security vulnerabilities
It was discovered that the TLS server in Erlang is vulnerable to an adaptive chosen ciphertext attack against RSA keys CVE-2017-1000385...
Debian DSA-4072-1 : bouncycastle - security update
Hanno Boeck, Juraj Somorovsky and Craig Young discovered that the TLS implementation in Bouncy Castle is vulnerable to an adaptive chosen ciphertext attack against RSA keys. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
Code injection
On BIG-IP versions 11.6.0-11.6.2 fixed in 11.6.2 HF1, 12.0.0-12.1.2 HF1 fixed in 12.1.2 HF2, or 13.0.0-13.0.0 HF2 fixed in 13.0.0 HF3 a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack AKA Bleichenbacher attack against RSA, which when...
FreeBSD Ports: openssl
The remote host is missing an update to the system as announced in the referenced advisory. VID 60eb344e-6eb1-11e1-8ad7-00e0815b8da8 OpenVAS Vulnerability Test $ Description: Auto generated from VID 60eb344e-6eb1-11e1-8ad7-00e0815b8da8 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...
SuSE 11.1 Security Update : OpenSSL (SAT Patch Number 6054)
The following security issues have been fixed : - Specially crafted MIME headers could cause openssl's ans1 parser to dereference a NULL pointer leading to a Denial of Service CVE-2006-7250 or fail verfication. CVE-2012-1165 - The implementation of Cryptographic Message Syntax CMS and PKCS 7 in...
Mandriva Linux Security Advisory : openssl (MDVSA-2012:038)
Multiple vulnerabilities has been found and corrected in openssl : The implementation of Cryptographic Message Syntax CMS and PKCS 7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt...
FreeBSD : gnutls -- Adaptive Chosen Ciphertext Attack (831) (deprecated)
The remote host is missing an update to the system The following package is affected: gnutls-devel This plugin has been deprecated since the advisory has been canceled. %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the VuXML entry has been cancelled. Disabled on 2011/10/02....