Lucene search
K

518 matches found

RedHat Linux
RedHat Linux
added 2012/01/09 8:3 p.m.3 views

HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HT...

4.3CVSS6.7AI score0.73327EPSS
Exploits4References4
OpenVAS
OpenVAS
added 2011/11/14 12:0 a.m.35 views

Mandriva Update for java-1.6.0-openjdk MDVSA-2011:170 (java-1.6.0-openjdk)

Check for the Version of java-1.6.0-openjdk OpenVAS Vulnerability Test Mandriva Update for java-1.6.0-openjdk MDVSA-2011:170 java-1.6.0-openjdk Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

10CVSS0.3AI score0.96714EPSS
Exploits19References2
Amazon
Amazon
added 2011/10/31 12:0 a.m.61 views

Critical: java-1.6.0-openjdk

Issue Overview: A flaw was found in the Java RMI Remote Method Invocation registry implementation. A remote RMI client could use this flaw to execute arbitrary code on the RMI server running the registry. CVE-2011-3556 A flaw was found in the Java RMI registry implementation. A remote RMI client...

10CVSS9.3AI score0.96714EPSS
Exploits19References1
RedHat Linux
RedHat Linux
added 2011/10/18 11:19 p.m.6 views

HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HT...

4.3CVSS6.7AI score0.73327EPSS
Exploits4References4
ThreatPost
ThreatPost
added 2011/09/27 4:1 p.m.7 views

Microsoft Pushes FixIt Tool to Enable Support for Newer TLS Version

Microsoft has relased a security advisory about the TLS/SSL attack developed by Juliano Rizzo and Thai Duong and also has made a FixIt tool available to help server administrators switch on support for newer versions of the protocol that aren’t vulnerable to the attack. The Microsoft advisory lay...

1AI score
Exploits0References5
OSV
OSV
added 2011/09/06 7:55 p.m.4 views

DEBIAN-CVE-2011-3389

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HT...

4.3CVSS8.4AI score0.73327EPSS
Exploits4References1
OSV
OSV
added 2010/09/17 6:0 p.m.9 views

UBUNTU-CVE-2010-3074

SSLCipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a watermark attack...

2.1CVSS5.8AI score0.00386EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2010/08/26 12:0 a.m.33 views

Mod-X Cross Site Request Forgery / Cross Site Scripting

Got bored and decided to break the new website of the company I work for. Throughout I'll be dropping two new exploits that were chained to allow the changing of the administrative password of a default mod-x install. This is not a full review of mod-x, my main goal was just to break something, s...

0.7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2010/08/02 8:43 p.m.8 views

OpenJDK Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from...

9.8CVSS7.8AI score0.96319EPSS
Exploits5References5
RedHat Linux
RedHat Linux
added 2010/07/29 4:39 p.m.7 views

OpenJDK Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from...

9.8CVSS7.8AI score0.96319EPSS
Exploits5References5
RedHat Linux
RedHat Linux
added 2010/06/17 9:2 p.m.8 views

OpenJDK Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from...

9.8CVSS7.8AI score0.96319EPSS
Exploits5References5
OSV
OSV
added 2010/06/17 4:30 p.m.2 views

DEBIAN-CVE-2010-2063

Buffer overflow in the SMB1 packet chaining implementation in the chainreply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service memory corruption and daemon crash or possibly execute arbitrary code via a crafted field in a packet...

7.5CVSS8.3AI score0.78702EPSS
Exploits5References1
Debian CVE
Debian CVE
added 2010/06/17 4:0 p.m.36 views

CVE-2010-2063

Buffer overflow in the SMB1 packet chaining implementation in the chainreply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service memory corruption and daemon crash or possibly execute arbitrary code via a crafted field in a packet...

7.5CVSS7.9AI score0.78702EPSS
Exploits5
RedHat Linux
RedHat Linux
added 2010/06/16 9:24 p.m.7 views

samba: memory corruption vulnerability

Buffer overflow in the SMB1 packet chaining implementation in the chainreply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service memory corruption and daemon crash or possibly execute arbitrary code via a crafted field in a packet...

7.5CVSS6.3AI score0.78702EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2010/06/16 12:0 a.m.17 views

Samba 3.x < 3.3.13 SMB1 Packet Chaining Memory Corruption

Binary data 5572.prm...

7.5CVSS7.3AI score0.78702EPSS
Exploits5References3
UbuntuCve
UbuntuCve
added 2010/06/16 12:0 a.m.36 views

CVE-2010-2063

Buffer overflow in the SMB1 packet chaining implementation in the chainreply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service memory corruption and daemon crash or possibly execute arbitrary code via a crafted field in a packet...

7.5CVSS7.5AI score0.78702EPSS
Exploits5References2
RedHat Linux
RedHat Linux
added 2010/06/14 11:19 p.m.6 views

OpenJDK Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from...

9.8CVSS7.8AI score0.96319EPSS
Exploits5References5
Zero Day Initiative
Zero Day Initiative
added 2010/04/05 12:0 a.m.55 views

Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Runtime. Authentication is not required to exploit this vulnerability. The specific flaw exists within the code responsible for ensuring proper privileged execution of methods. If an...

10CVSS2.8AI score0.96319EPSS
Exploits5
Vulnrichment
Vulnrichment
added 2010/04/01 4:0 p.m.13 views

CVE-2010-0840

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from...

9.7AI score0.96319EPSS
Exploits5References40
RedHat Linux
RedHat Linux
added 2010/04/01 2:56 a.m.5 views

OpenJDK Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from...

9.8CVSS7.8AI score0.96319EPSS
Exploits5References5
Rows per page
Query Builder