2876 matches found
Code injection
The seadroid aka Seafile Android Client application through 2.2.13 for Android always uses the same Initialization Vector IV with Cipher Block Chaining CBC Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks...
Hardcoded credentials
The Dell Wyse Password Encoder in ThinLinux2 versions prior to 2.1.0.01 contain a Hard-coded Cryptographic Key vulnerability. An unauthenticated remote attacker could reverse engineer the cryptographic system used in the Dell Wyse Password Encoder to discover the hard coded private key and decryp...
Security update for java-11-openjdk (important)
openSUSE Security Update: Security update for java-11-openjdk Announcement ID: openSUSE-SU-2019:0161-1 Rating: important References: 1120431 1122293 1122299 Cross-References: CVE-2018-11212 CVE-2019-2422 CVE-2019-2426 Affected Products: openSUSE Leap 15.0 An update that fixes three vulnerabilitie...
Google Boosts Encryption For Low-End Android Devices
Google introduced a new storage encryption solution that it hopes will expand security efforts across its full spectrum of Android-powered devices – including low-end devices that typically can’t support encryption. The new encryption offering, Adiantum, aims to solve a big issue that has plagued...
Security Bulletin: Vulnerability in RC4 stream cipher affects MegaRAID Storage Manager (CVE-2015-2808)
Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects MegaRAID Storage Manager. MegaRAID Storage Manager has addressed the vulnerability. Vulnerability Details Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects MegaRAID Storage Manager. MegaRAID Storage Manager has addressed the...
Security Bulletin: Vulnerability in RC4 cipher stream (CVE-2015-2808) and multiple vulnerabilities in IBM SDK Java Technology Edition affects IBM Systems Director.
Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition 7 that is used by IBM Systems Director. These issues were disclosed as part of the IBM Java SDK updates in January and April 2015. This bulletin also addresses the RC4 bar mitzvah attack on SSL/TLS. Vulnerability Detail...
Security Bulletin: Vulnerability in RC4 cipher stream (CVE-2015-2808) and multiple vulnerabilities in IBM SDK Java Technology Edition affects IBM Systems Director
Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition 7 that is used by IBM Systems Director. These issues were disclosed as part of the IBM Java SDK updates in January and April 2015. This bulletin also addresses the RC4 bar mitzvah attack on SSL/TLS. Vulnerability Detail...
Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Systems Director Editions (CVE-2015-2808)
Summary The RC4 Bar Mitzvah Attack for SSL/TLS affects Tivoli Application Dependency Discovery Manager, IBM Tivoli Monitoring, and IBM Systems Director which are shipped as components of IBM System Director Editions. Information about the security vulnerabilityaffecting these components has been...
Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Flex System Manager (FSM) SMIA Configuration Tool (CVE-2015-4000)
Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Flex System Manager FSM SMIA Configuration Tool also known as Network Advisor. Vulnerability Details Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange...
Security Bulletin: Vulnerability in RC4 cipher stream and multiple vulnerabilities in IBM SDK Java Technology Edition affects IBM Systems Director
Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition 7 that is used by IBM Systems Director. These issues were disclosed as part of the IBM Java SDK updates in January and April 2015. This bulletin also addresses the RC4 bar mitzvah attack on SSL/TLS. Vulnerability Detail...
Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Flex System Manager (FSM) (CVE-2015-2808)
Summary The RC4 Bar Mitzvah Attack for SSL/TLS affects IBM Flex System Manager FSM. Vulnerability Details Summary The RC4 Bar Mitzvah Attack for SSL/TLS affects IBM Flex System Manager FSM. Vulnerability Details: CVE-ID: CVE-2015-2808 Description: The RC4 algorithm, as used in the TLS protocol an...
Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Systems Director (CVE-2015-4000)
Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Systems Director. Vulnerability Details Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Systems Director. Vulnerability Details...
Security Bulletin: Vulnerability in RC4 stream cipher affects Integrated Management Module 2 (IMM2) (CVE-2015-2808)
Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects Integrated Management Module 2 IMM2. Vulnerability Details Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects Integrated Management Module 2 IMM2. Vulnerability Details CVE-ID: CVE-2015-2808 Description: The RC4 algorithm, as used in...
Security Bulletin: Vulnerability in RC4 stream cipher affects Flex System Chassis Management Module (CMM) (CVE-2015-2808)
Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects Flex System Chassis Management Module CMM. Vulnerability Details Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects Flex System Chassis Management Module CMM. Vulnerability Details: CVE-ID: CVE-2015-2808 Description: The RC4 algorithm...
Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Fabric Manager (CVE-2015-2808)
Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects IBM Fabric Manager. Vulnerability Details Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects IBM Fabric Manager. Vulnerability Details: CVE-ID: CVE-2015-2808 Description: The RC4 algorithm, as used in the TLS protocol and SSL protocol...
Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru firmware. (CVE-2015-2808)
Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects IBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru firmware. Vulnerability Details Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects IBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru firmware. Vulnerability Details CVE-ID:...
Security Bulletin: Vulnerability in RC4 stream cipher affects System x Integrated Management Module (IMM) (CVE-2015-2808)
Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects System x IMM. Vulnerability Details Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects System x IMM. Vulnerability Details CVE-ID: CVE-2015-2808 Description: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow...
Security Bulletin: Vulnerability in RC4 stream cipher affects IBM BladeCenter Advanced Management Module (CVE-2015-2808)
Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects IBM BladeCenter Advanced Management Module. Vulnerability Details Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects IBM BladeCenter Advanced Management Module. Vulnerability Details: CVE-ID: CVE-2015-2808 Description: The RC4...
Security Bulletin: Vulnerability in RC4 stream cipher affects IBM ToolsCenter (CVE-2015-2808)
Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects IBM ToolsCenter. Vulnerability Details Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects IBM ToolsCenter. Vulnerability Details: CVE-ID: CVE-2015-2808 Description: The RC4 algorithm, as used in the TLS protocol and SSL protocol, coul...
CVE-2019-6485 - TLS Padding Oracle Vulnerability in Citrix Application Delivery Controller (ADC) and NetScaler Gateway
Description of Problem A vulnerability has been identified in the Citrix Application Delivery Controller ADC formally known as NetScaler ADC and NetScaler Gateway platforms using hardware acceleration that could allow an attacker to exploit the appliance to decrypt TLS traffic. This vulnerability...