CVE-2015-0535

Technical details about CVE-2015-0535 are not provided in the connected documents. Public information that is present covers FREAK generally and related CVEs, but does not specify affected products, versions, or fixes for this exact CVE. Monitor for updates.

CVE-2015-0535

EMC RSA BSAFE Micro Edition Suite MES 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier do not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORTRSA ciphers via crafted TLS traffic, relate...

AIX 5.3 TL 12 : sendmail (IV75967) (Logjam)

The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHEEXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful...

AIX 6.1 TL 8 : sendmail (IV75644) (Logjam)

The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHEEXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful...

Ubuntu: Security Advisory (USN-2706-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2706-1: OpenJDK 6 vulnerabilities

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. CVE-2015-2590, CVE-2015-2628, CVE-2015-4731, CVE-2015-4732,...

389-ds-base: nsSSL3Ciphers preference not enforced server side (regression)

389 Directory Server formerly Fedora Directory Server before 1.3.3.12 does not enforce the nsSSL3Ciphers preference when creating an sslSocket, which allows remote attackers to have unspecified impact by requesting to use a disabled cipher...

SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack

A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining CBC mode. This flaw allows a man-in-the-middle MITM attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a...

USN-2696-1 openjdk-7 vulnerabilities

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. CVE-2015-2590, CVE-2015-2628, CVE-2015-4731, CVE-2015-4732,...

jre7-openjdk: multiple issues

CVE-2015-2590 deserialization issue in ObjectInputStream.readSerialData: ObjectInputStream's readSerialData could, in certain cases, incorrectly perform deserialization of data from serialized input. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions...

Moderate: Red Hat Security Advisory: curl security, bug fix, and enhancement update

Updated curl packages that fix multiple security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

Gratipay: weak ssl cipher suites

i found that some of the cipher suites are weak on you domain. Here are those WEAK : DH 1024 bits p: 128, g: 128, Ys: 128 FS WEAK POC: https://www.ssllabs.com/ssltest/analyze.html?d=gratipay.com&s=23.23.184.160&latest original on Freshdesk...

SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...

SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...

RedHat Update for java-1.7.0-openjdk RHSA-2015:1229-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle JRockit R28 < R28.3.7 Multiple Vulnerabilities (July 2015 CPU) (Bar Mitzvah) (Logjam)

The version of Oracle JRockit installed on the remote Windows host is R28 prior to R28.3.7. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the JCE component that allows a remote attacker to gain access to sensitive information. CVE-2015-2601 - An...

FreeBSD : mozilla -- multiple vulnerabilities (44d9daee-940c-4179-86bb-6e3ffd617869) (Logjam)

The Mozilla Project reports : MFSA 2015-59 Miscellaneous memory safety hazards rv:39.0 / rv:31.8 / rv:38.1 MFSA 2015-60 Local files or privileged URLs in pages can be opened into new tabs MFSA 2015-61 Type confusion in Indexed Database Manager MFSA 2015-62 Out-of-bound read while computing an...

OpenJDK: GCM cipher issue causing JVM crash (Security, 8067648)

Unspecified vulnerability in Oracle Java SE 8u45 and Java SE Embedded 8u33 allows remote attackers to affect availability via unknown vectors related to Security...

SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...

IBM WebSphere Application Server 7.0 < 7.0.0.39 (FP39) / 8.0 < 8.0.0.11 (FP11) / 8.5 < 8.5.5.6 (FP6) Multiple Vulnerabilities (Bar Mitzvah) (FREAK)

The IBM WebSphere Application Server running on the remote host is version 7.0 prior to 7.0.0.39, 8.0 prior to 8.0.0.11, or 8.5 prior to 8.5.5.6. It is, therefore, potentially affected by multiple vulnerabilities : - A security feature bypass vulnerability, known as FREAK Factoring attack on...