62 matches found
F5 Networks BIG-IP : OpenSSL vulnerability (SOL15401)
Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted TLS packet that is no...
IT-Grundschutz M4.037: Sperren bestimmter Absender-Faxnummern
IT-Grundschutz M4.037: Sperren bestimmter Absender-Faxnummern. ACHTUNG: Dieser Test wird nicht mehr unterstützt. Er wurde ersetzt durch den entsprechenden Test der nun permanent and die aktuelle EL angepasst wird: OID 1.3.6.1.4.1.25623.1.0.94202 Stand: 13. Ergänzungslieferung 13. EL. Hinweis: Cis...
openssl: record length handling integer underflow
Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted TLS packet that is no...
Multiple OpenSSL vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 IBM SECURITY ADVISORY First Issued: Wed Aug 1 09:25:58 CDT 2012 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/openssladvisory4.asc or...
Debian Security Advisory DSA 2475-1 (openssl)
The remote host is missing an update to openssl announced via advisory DSA 2475-1. OpenVAS Vulnerability Test $Id: deb24751.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2475-1 openssl Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...
FreeBSD Ports: openssl
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Debian: Security Advisory (DSA-2475-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openssl: record length handling integer underflow
Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted TLS packet that is no...
Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : openssl vulnerabilities (USN-1451-1)
Ivan Nestlerode discovered that the Cryptographic Message Syntax CMS and PKCS 7 implementations in OpenSSL returned early if RSA decryption failed. This could allow an attacker to expose sensitive information via a Million Message Attack MMA. CVE-2012-0884 It was discovered that an integer...
Ubuntu Update for openssl USN-1451-1
Ubuntu Update for Linux kernel vulnerabilities USN-1451-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN14511.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for openssl USN-1451-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...
Ubuntu: Security Advisory (USN-1451-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 2475-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2475-1 [email protected] http://www.debian.org/security/ Raphael Geissert May 17, 2012 http://www.debian.org/security/faq -...
DSA-2475-1 openssl - integer underflow
Bulletin has no description...
CVE-2012-2333
Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted TLS packet that is no...
CVE-2012-2333
CVE-2012-2333: OpenSSL contains an integer underflow in CBC mode when TLS 1.1/1.2 or DTLS is used, enabling a remote DoS or buffer over-read. Affected versions are OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c. The issue arises from incorrect explicit IV calculation and can ...
CVE-2012-2333
Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted TLS packet that is no...
UBUNTU-CVE-2012-2333
Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted TLS packet that is no...
CVE-2012-2333
Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted TLS packet that is no...
OpenSSL 1.0.0 < 1.0.0j Vulnerability
The version of OpenSSL installed on the remote host is prior to 1.0.0j. It is, therefore, affected by a vulnerability as referenced in the 1.0.0j advisory. - Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC...
Vulnerability in OpenSSL - DTLS Plaintext Recovery Attack
OpenSSL was susceptable an extension of the Vaudenay padding oracle attack on CBC mode encryption which enables an efficient plaintext recovery attack against the OpenSSL implementation of DTLS by exploiting timing differences arising during decryption processing. Found by Nadhem Alfardan and Ken...