Lucene search
K

465 matches found

Ubuntu
Ubuntu
added 2019/02/18 3:43 p.m.92 views

USN-3850-2: NSS vulnerabilities

USN-3850-1 fixed several vulnerabilities in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack...

5.9CVSS6.3AI score0.44398EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2019/02/15 12:0 a.m.72 views

openSUSE Security Update : mozilla-nss (openSUSE-2019-183)

This update for mozilla-nss fixes the following issues : Security issues fixed : - CVE-2018-12404: Cache side-channel variant of the Bleichenbacher attack bsc1119069. Non-security issue fixed : - Update to mozilla-nss 3.41.1 This update was imported from the SUSE:SLE-15:Update update project...

5.9CVSS6.4AI score0.44398EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2019/02/14 12:0 a.m.165 views

Security update for mozilla-nss (important)

openSUSE Security Update: Security update for mozilla-nss Announcement ID: openSUSE-SU-2019:0183-1 Rating: important References: 1119069 Cross-References: CVE-2018-12404 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for...

5.9CVSS6.6AI score0.44398EPSS
Exploits0References1
Veracode
Veracode
added 2019/01/15 9:21 a.m.30 views

Improper Encryption Implementation

erlang has an improper encryption implementation. The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA PKCS 1 1.5 padding. This allows an attacker to decrypt content or sign messages with the server's private key this is a variation of the Bleichenbacher...

5.9CVSS5.8AI score0.22098EPSS
Exploits0References14Affected Software8
Tenable Nessus
Tenable Nessus
added 2019/01/10 12:0 a.m.41 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : NSS vulnerabilities (USN-3850-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3850-1 advisory. Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perfo...

5.9CVSS6.3AI score0.44398EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2019/01/10 12:0 a.m.27 views

Ubuntu: Security Advisory (USN-3850-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.3AI score0.44398EPSS
Exploits1References2
OSV
OSV
added 2019/01/09 5:41 p.m.5 views

USN-3850-1 nss vulnerabilities

Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. CVE-2018-0495 It was discovered that NSS incorrectly handled certain v2-compatible ClientHello messages. A remo...

5.9CVSS6.5AI score0.44398EPSS
Exploits1References4
Ubuntu
Ubuntu
added 2019/01/09 5:41 p.m.268 views

USN-3850-1: NSS vulnerabilities

Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. CVE-2018-0495 It was discovered that NSS incorrectly handled certain v2-compatible ClientHello messages. A remo...

5.9CVSS6.2AI score0.44398EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2019/01/03 4:29 p.m.4 views

CVE-2018-16870

It was found that wolfssl before 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS. This may lead to leakage of sensible data...

5.9CVSS5.4AI score0.01585EPSS
Exploits0References4
OSV
OSV
added 2019/01/03 4:29 p.m.3 views

DEBIAN-CVE-2018-16870

It was found that wolfssl before 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS. This may lead to leakage of sensible data...

5.9CVSS5.7AI score0.01585EPSS
Exploits0References1
OSV
OSV
added 2019/01/03 4:29 p.m.3 views

UBUNTU-CVE-2018-16870

It was found that wolfssl before 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS. This may lead to leakage of sensible data...

5.9CVSS5.7AI score0.01585EPSS
Exploits0References4
OSV
OSV
added 2019/01/03 4:29 p.m.12 views

CVE-2018-16870

It was found that wolfssl before 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS. This may lead to leakage of sensible data...

5.9CVSS6.7AI score
Exploits0References2
CVE
CVE
added 2019/01/03 4:0 p.m.47 views

CVE-2018-16870

Vulnerable component: wolfSSL before 3.15.7. Root cause: variant of Bleichenbacher attack enabling TLS downgrade and potential leakage of sensitive data. Impact: data exposure risk via downgraded TLS. Remediation: upgrade to wolfSSL 3.15.7 or newer (apply vendor patch). Note: exploitation details...

5.9CVSS5.6AI score0.01585EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/12/31 12:0 a.m.40 views

openSUSE Security Update : mozilla-nspr and mozilla-nss (openSUSE-2018-1618)

This update for mozilla-nss and mozilla-nspr fixes the following issues : Issues fixed in mozilla-nss : - Update to NSS 3.40.1 bsc1119105 - CVE-2018-12404: Fixed a cache side-channel variant of the Bleichenbacher attack bsc1119069 - CVE-2018-12384: Fixed an issue in the SSL handshake. NSS respond...

5.9CVSS6.1AI score0.44398EPSS
Exploits1References5
Mageia
Mageia
added 2018/12/15 9:29 p.m.45 views

Updated nss packages fix security vulnerability

Cache side-channel variant of the Bleichenbacher attack.CVE-2018-12404...

5.9CVSS2.7AI score0.44398EPSS
Exploits0References2
OSV
OSV
added 2018/12/15 9:29 p.m.7 views

MGASA-2018-0482 Updated nss packages fix security vulnerability

Cache side-channel variant of the Bleichenbacher attack.CVE-2018-12404...

5.9CVSS7.5AI score0.44398EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2018/12/13 12:16 p.m.58 views

Security update for mozilla-nss (moderate)

This update for mozilla-nss to version 3.36.6 fixes the following issues: Security issues fixed: - CVE-2018-12384: NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero random bmo1483128, boo1106873 - CVE-2018-12404: Cache side-channel variant of the...

5.4AI score0.44398EPSS
Exploits0References2
OSV
OSV
added 2018/12/12 12:0 a.m.5 views

UBUNTU-CVE-2018-12404

A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack AKA Bleichenbacher attack and affects all NSS versions prior to NSS 3.41...

5.9CVSS6.6AI score0.44398EPSS
Exploits0References6
Slackware Linux
Slackware Linux
added 2018/12/06 5:25 a.m.63 views

[slackware-security] nettle

New nettle packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: This update fixes a security issue: A Bleichenbacher type side-channel based padding oracle attack was found in the way nettle handles endian conversio...

5.7CVSS0.6AI score0.01495EPSS
Exploits0
Slackware Linux
Slackware Linux
added 2018/12/03 9:40 p.m.36 views

[slackware-security] mozilla-nss

New mozilla-nss packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-nss-3.40.1-i586-1slack14.2.txz: Upgraded. Upgraded to nss-3.40.1 and nspr-4.20. Mitigate cache side-channel...

5.9CVSS0.4AI score0.44398EPSS
Exploits0
Rows per page
Query Builder