CVE-2017-13099

wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT."...

SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2017:3169-1)

This update for openssl fixes the following issues: Security issues fixed : - CVE-2017-3735: openssl1,openssl: Malformed X.509 IPAdressFamily could cause OOB read bsc1056058 - CVE-2017-3736: openssl: bnsqrx8xinternal carry bug on x8664 bsc1066242 - Out of bounds read+crash in DESfcrypt bsc1065363...

SUSE-SU-2017:3169-1 Security update for openssl

This update for openssl fixes the following issues: Security issues fixed: - CVE-2017-3735: openssl1,openssl: Malformed X.509 IPAdressFamily could cause OOB read bsc1056058 - CVE-2017-3736: openssl: bnsqrx8xinternal carry bug on x8664 bsc1066242 - Out of bounds read+crash in DESfcrypt bsc1065363 ...

Amber - POC Reflective PE Packer

Amber is a proof of concept packer, it can pack regularly compiled PE files into reflective PE files that can be used as multi stage infection payloads. If you want to learn the packing methodology used inside the Amber check out below. PS: This is not a complete tool some things may break so tak...

CVE-2017-8174

Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800 have a weak algorithm vulnerability. Attackers may exploit the weak algorithm vulnerability to crack the cipher text and cause confidential information leaks on th...

Design/Logic Flaw

Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800 have a weak algorithm vulnerability. Attackers may exploit the weak algorithm vulnerability to crack the cipher text and cause confidential information leaks on th...

CVE-2017-8191

FusionSphere OpenStack V100R006C00SPC102NFVhas a week cryptographic algorithm vulnerability. Attackers may exploit the vulnerability to crack the cipher text and cause information leak on the transmission links...

F5 Networks BIG-IP : BIG-IP SSL vulnerability (K21905460) (ROBOT)

On BIG-IP versions 11.6.0-11.6.2 fixed in 11.6.2 HF1, 12.0.0-12.1.2 HF1 fixed in 12.1.2 HF2, or 13.0.0-13.0.0 HF2 fixed in 13.0.0 HF3 a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack AKA Bleichenbacher attack against RSA, which when...

CVE-2017-1000246

Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data...

SUSE-SU-2017:2981-1 Security update for openssl

This update for openssl fixes the following issues: Security issues fixed: - CVE-2017-3735: Malformed X.509 IPAdressFamily could cause OOB read bsc1056058 - adjust DEFAULTSUSE to meet 1.0.2 and current state bsc1027908 - out of bounds read+crash in DESfcrypt bsc1065363 - DEFAULTSUSE cipher list i...

SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)

A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based...

FreeBSD -- WPA2 protocol vulnerability

Problem Description: A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys TK, GTK, or IGTK by replaying a specific frame that is used to manage the keys. Impact: Such reinstallation of the encryption key can result in two different types o...

Design/Logic Flaw

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while doing sha and cipher operations, a userspace buffer is directly accessed in kernel space potentially leading to a page fault...

CVE-2017-11056

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while doing sha and cipher operations, a userspace buffer is directly accessed in kernel space potentially leading to a page fault...

CipherScan - Find out which SSL ciphersuites are supported by a target

Cipherscan tests the ordering of the SSL/TLS ciphers on a given target, for all major versions of SSL and TLS. It also extracts some certificates informations, TLS options, OCSP stapling and more. Cipherscan is a wrapper above the openssl sclient command line. Cipherscan is meant to run on all...

BSA-2017-445

Security Advisory ID : BSA-2017-445 Component : DENX Das U-Boot Revision : 3.0: Final Das U-Boot is a devicebootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector and improper...

bouncycastle: Information disclosure in GCMBlockCipher

It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information...

bouncycastle: Information disclosure in GCMBlockCipher

It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information...

bouncycastle: Information disclosure in GCMBlockCipher

It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information...

CVE-2017-7971

A vulnerability exists in Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 that allows the use of outdated cipher suites and improper verification of peer SSL Certificate...