10 matches found
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : boost (SUSE-SU-2025:02536-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02536-1 advisory. - CVE-2016-9840: Fixed out-of-bounds pointer arithmetic in zlib in beast (bsc#1245936). Tenable has extracte...
SUSE: Security Advisory (SUSE-SU-2012:0565-1)
The remote host is missing an update for the...
Security Bulletin: BEAST security vulnerability in IBM Tivoli Netcool Performance Manager for Wireline (CVE-2011-3389)
Summary: Browser Exploit Against SSL/TLS (a.k.a. BEAST) vulnerability is observed. In TLS 1.0 and earlier, it is possible to predict the Initialization Vector (IV) of the block cipher encryption. This allows a man-in-the-middle attacker to guess the plaintext being encrypted. The affected products are...
Gratipay: SSl Weak Ciphers
Summary: Websites using TLS 1.0 will be considered non-compliant by PCI after 30 June 2018. Description: TLS 1.0 has several flaws. An attacker can cause connection failures and they can trigger the use of TLS 1.0 to exploit vulnerabilities like BEAST (Browser Exploit Against SSL/TLS). Steps To...
Weblate: Web server is vulnerable to Beast Attack
Supported versions: TLSv1.0 TLSv1.1 TLSv1.2 Deflate compression: no Supported cipher suites (ORDER IS NOT SIGNIFICANT): TLSv1.0 RSA_WITH_AES_128_CBC_SHA DHE_RSA_WITH_AES_128_CBC_SHA RSA_WITH_AES_256_CBC_SHA DHE_RSA_WITH_AES_256_CBC_SHA (TLSv1.1: idem) TLSv1.2 RSA_WITH_AES_128_CBC_SHA DHE_RSA_WITH_AES_128_CBC_SHA RSA_WITH_AES_256_CBC_SHA...
Siemens Ruggedcom Addresses BEAST Flaw in WiMax Products
The BEAST attack on some TLS implementations made major news when it was disclosed, showing that attackers could intercept and decrypt SSL-protected sessions in real time, breaking a significant portion of the confidentiality model of the protocol. Vendors rushed to patch and implement mitigation...
[Beast-Check] SSL/TLS BEAST Vulnerability Check
A small Perl script that checks whether a target server is prone to the BEAST vulnerability via the target's preferred cipher. It assumes no workaround (i.e. EMPTY FRAGMENT) is applied on the target server. Some sources said this workaround was disabled by default for compatibility reasons. This may be the reaso...
SuSE 10 Security Update : Python (ZYPP Patch Number 8080) (BEAST)
The following issues have been fixed in this update: - hash randomization issues (CVE-2012-115, see below) - SimpleHTTPServer XSS (CVE-2011-1015) - SSL BEAST vulnerability (CVE-2011-3389) The hash randomization fix is by default disabled to keep compatibility with existing python code when it extracts...
SOL13400 - SSL 3.0/TLS 1.0 BEAST vulnerability CVE-2011-3389 and TLS protocol vulnerability CVE-2012-1870
If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, the...
GLSA-200704-22 : BEAST: Denial of Service
The remote host is affected by the vulnerability described in GLSA-200704-22 BEAST: Denial of Service BEAST, which is installed as setuid root, fails to properly check whether it can drop privileges accordingly if seteuid fails due to a user exceeding assigned resource limits. Impact : A local us...