2872 matches found
CVE-2015-3277
Removed by vendor...
PYSEC-2017-50
Lemur 0.1.4 does not use sufficient entropy in its IV when encrypting AES in CBC mode...
UBUNTU-CVE-2015-5244
The NSSCipherSuite option with ciphersuites enabled in mod_nss before 1.0.12 allows remote attackers to bypass application restrictions...
DEBIAN-CVE-2016-0736
In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle...
Virtuozzo 6 : java-1.8.0-openjdk / java-1.8.0-openjdk-debug / etc (VZLSA-2017-0180)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i...
Satellite Phone Encryption Calls Can be Cracked in Fractions of a Second
Security researchers have discovered a new method to decrypt satellite phone communications encrypted with the GMR-2 cipher in "real time" -- that too in mere fractions of a second in some cases. The new attack method has been discovered by two Chinese security researchers and is based on previou...
CVE-2017-10668
A Padding Oracle exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 Java and OSCI Transport Library 1.6 .NET. Under an MITM condition within the OSCI infrastructure, an attacker needs to send crafted protocol messages to analyse the CBC mode padding in order to decrypt the...
The Secret Code of Beatrix Potter
Interesting: As codes go, Potter's wasn't inordinately complicated. As Wiltshire explains, it was a "mono-alphabetic substitution cipher code," in which each letter of the alphabet was replaced by a symbol -- the kind of thing they teach you in Cub Scouts. The real trouble was Potter's own fluen...
SUSE-SU-2017:1622-1 Security update for openvpn
This update for openvpn fixes the following issues: - CVE-2016-6329: Show which ciphers should no longer be used in openvpn --show-ciphers (bsc#995374) - CVE-2017-7478: openvpn: Authenticated user can DoS server by using a big payload in P_CONTROL (bsc#1038709) - CVE-2017-7479: openvpn: Denial of Servic...
CVE-2016-3099
mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to force the use of ciphers that were not intended to be enabled...
CVE-2016-3099
CVE-2016-3099 affects the mod_ns/mod_nss module used by Red Hat Enterprise Linux Desktop/Server/HPC/Workstation 7, where an attacker can force the use of certain ciphers that were not intended to be enabled. The vulnerability stems from the cipher handling in mod_ns, enabling network-exposed abus...
LocalTapiola: Possible sweet32 lahitapiola.fi
Hello Team. I run the nmap with ssl-enum script to look for new Vulnerability that is known as "SWEET32" Detail about sweet32 vuln: Cryptographic protocols like TLS, SSH, IPsec, and OpenVPN commonly use block cipher algorithms, such as AES, Triple-DES, and Blowfish, to encrypt data between client...
[ASA-201705-16] openvpn: denial of service
Arch Linux Security Advisory ASA-201705-16 ========================================== Severity: High Date : 2017-05-13 CVE-ID : CVE-2017-7478 CVE-2017-7479 Package : openvpn Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-271 Summary ======= The package openvpn...
CVE-2017-3731
If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; user...
Insecure Cipher
github.com/go-macaron/macaron uses an insecure cipher for AES keys. The library uses MD5 to create AES keys which is considered insecure since MD5 is vulnerable to rainbow table attacks...
EulerOS 2.0 SP1 : openssl098e (EulerOS-SA-2017-1040)
According to the versions of the openssl098e package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote...
EulerOS 2.0 SP1 : mod_nss (EulerOS-SA-2016-1070)
According to the version of the mod_nss package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in the way mod_nss parsed certain OpenSSL-style cipher strings. As a result, mod_nss could potentially use ciphers that were not...
EulerOS 2.0 SP2 : java-1.7.0-openjdk (EulerOS-SA-2017-1028)
According to the versions of the java-1.7.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrust...
EulerOS 2.0 SP1 : openssl (EulerOS-SA-2017-1029)
According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer underflow leading to an out of bounds read flaw was found in OpenSSL. A remote attacker could possibly use this flaw to crash a 32-b...