2872 matches found

Tenable Nessus
added 2015/12/16 12:0 a.m. | 31 views

openSUSE Security Update : LibVNCServer (openSUSE-2015-851)

The LibVNCServer package was updated to fix the following security issues : - bsc897031: fix several security issues : - CVE-2014-6051: Integer overflow in MallocFrameBuffer on client side. - CVE-2014-6052: Lack of malloc return value checking on client side. - CVE-2014-6053: Server crash on a ve...

CVSS 7.5 | AI score 8.2 | EPSS 0.08272
Exploits: 1 | References: 7
CNVD
added 2015/12/08 12:0 a.m. | 1 view

OpenLDAP Weak Password Vulnerability

OpenLDAP is a free and open source implementation of the Lightweight Directory Access Protocol (LDAP) from the OpenLDAP Foundation in the United States, which is included in Linux distributions. A security vulnerability exists in the 'nss_parse_ciphers' function in the libraries/libldap/tls_m.c file o...

CVSS 7.5 | AI score 8.7 | EPSS 0.05333
Exploits: 0 | References: 1
NVD
added 2015/12/07 8:59 p.m. | 18 views

CVE-2015-3276

The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors...

CVSS 7.5 | AI score 7.7 | EPSS 0.05333
Exploits: 0 | References: 4
OSV
added 2015/12/07 8:59 p.m. | 1 view

DEBIAN-CVE-2015-3276

The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors...

CVSS 7.5 | AI score 9.3 | EPSS 0.05333
Exploits: 0 | References: 1
OSV
added 2015/12/07 8:59 p.m. | 5 views

CVE-2015-3276

The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors...

CVSS 7.5 | AI score 7.6
Exploits: 0 | References: 7
Prion
added 2015/12/07 8:59 p.m. | 23 views

Design/Logic Flaw

The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors...

CVSS 5 | AI score 7.3 | EPSS 0.05333
Exploits: 0 | References: 4 | Affected Software: 9
UbuntuCve
added 2015/12/07 8:59 p.m. | 34 views

CVE-2015-3276

The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors...

CVSS 7.5 | AI score 6.8 | EPSS 0.05333
Exploits: 0 | References: 1
Cvelist
added 2015/12/07 8:0 p.m. | 30 views

CVE-2015-3276

The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors...

AI score 7.6 | EPSS 0.05333
Exploits: 0 | References: 4
Debian CVE
added 2015/12/07 8:0 p.m. | 20 views

CVE-2015-3276

The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors...

CVSS 7.5 | AI score 7.6 | EPSS 0.05333
Exploits: 0
CVE
added 2015/12/07 8:0 p.m. | 132 views

CVE-2015-3276

The CVE-2015-3276 entry concerns the OpenLDAP component and its function nss_parse_ciphers in tls_m.c, which does not correctly parse OpenSSL-style multi-keyword mode cipher strings. This could cause a cipher weaker than intended to be used, with an impact described as remote, unspecified. Connec...

CVSS 7.5 | AI score 7.5 | EPSS 0.05333
Exploits: 0 | References: 4 | Affected Software: 1
Tenable Nessus
added 2015/12/07 12:0 a.m. | 69 views

Atlassian JIRA < 6.4.10 / 7.0.0-OD-02 MitM Plaintext Disclosure (Bar Mitzvah)

According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is prior to 6.4.10 or 7.0.0-OD-02. It is, therefore, potentially affected by a security feature bypass vulnerability, known as Bar Mitzvah, due to improper combination of state data with...

CVSS 5 | AI score 5.8 | EPSS 0.74006
Exploits: 0 | References: 2
Cent OS
added 2015/11/30 7:46 p.m. | 66 views

openldap security update

CentOS Errata and Security Advisory CESA-2015:2131 Updated openldap packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerabili...

CVSS 7.5 | AI score 6.6 | EPSS 0.05333
Exploits: 1 | References: 7
OSV
added 2015/11/30 12:0 a.m. | 1 view

UBUNTU-CVE-2015-8313

GnuTLS incorrectly validates the first byte of padding in CBC modes...

CVSS 5.9 | AI score 6.2 | EPSS 0.01685
Exploits: 0 | References: 4
NVD
added 2015/11/25 4:59 a.m. | 20 views

CVE-2015-7286

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote attackers to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol traffic...

CVSS 6.4 | AI score 6.9 | EPSS 0.02118
Exploits: 1 | References: 3
Cvelist
added 2015/11/25 2:0 a.m. | 24 views

CVE-2015-7286

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote attackers to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol traffic...

AI score 6.8 | EPSS 0.02118
Exploits: 1 | References: 3
Tenable Nessus
added 2015/11/25 12:0 a.m. | 40 views

SUSE SLED12 / SLES12 Security Update : LibVNCServer (SUSE-SU-2015:2088-1)

The LibVNCServer package was updated to fix the following security issues : - bsc897031: fix several security issues : - CVE-2014-6051: Integer overflow in MallocFrameBuffer on client side. - CVE-2014-6052: Lack of malloc return value checking on client side. - CVE-2014-6053: Server crash on a ve...

CVSS 7.5 | AI score 8.2 | EPSS 0.08272
Exploits: 1 | References: 13
Hacker One
added 2015/11/24 1:23 a.m. | 46 views

Radancy: RC4 cipher suites detected

A group of researchers Nadhem AlFardan, Dan Bernstein, Kenny Paterson, Bertram Poettering and Jacob Schuldt have found new attacks against TLS that allow an attacker to recover a limited amount of plaintext from a TLS connection when RC4 encryption is used. The attacks arise from statistical fla...

AI score 0.6
Exploits: 0
Hacker One
added 2015/11/24 12:31 a.m. | 43 views

Radancy: RC4 cipher suites detected

A group of researchers Nadhem AlFardan, Dan Bernstein, Kenny Paterson, Bertram Poettering and Jacob Schuldt have found new attacks against TLS that allow an attacker to recover a limited amount of plaintext from a TLS connection when RC4 encryption is used. The attacks arise from statistical fla...

AI score 0.4
Exploits: 0
Tenable Nessus
added 2015/11/24 12:0 a.m. | 26 views

Oracle Linux 7 : openldap (ELSA-2015-2131)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-2131 advisory. 2.4.40-8 - NSS does not support string ordering 1231522 - implement and correct order of parsing attributes 1231522 - add multimask and multistrength to correct...

CVSS 7.5 | AI score 6.8 | EPSS 0.05333
Exploits: 0 | References: 2
OpenVAS
added 2015/11/24 12:0 a.m. | 25 views

Oracle: Security Advisory (ELSA-2015-2131)

The remote host is missing an update for the...

CVSS 7.5 | AI score 7.7 | EPSS 0.05333
Exploits: 0 | References: 2