CVE-2014-0627

The SSLEngine API implementation in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to trigger the selection of a weak cipher suite by using the wrap method during a certain incomplete-handshake state...

CVE-2014-0627

Summary: CVE-2014-0627 affects EMC RSA BSAFE SSL-J (SSL-J) 5.x before 5.1.3 and 6.x before 6.0.2. The SSLEngine API can reveal information by using the wrap method after the Finished message in an incomplete handshake, potentially allowing an attacker to trigger a weak cipher suite. Impact: Infor...

Kerio Connect < 8.1.0 SSL/TLS Information Disclosure (BEAST)

According to its banner, the remote host is running a version of Kerio Connect formerly known Kerio MailServer prior to 8.1.0. It is, therefore, affected by an information disclosure vulnerability, known as BEAST, in the SSL 3.0 and TLS 1.0 protocols due to a flaw in the way the initialization...

nss: Null_Cipher() does not respect maxOutputLen (MFSA 2013-103)

Mozilla Network Security Services NSS 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets...

Code injection

Integrated Management Module IMM 2 1.00 through 2.00 on IBM System X and Flex System servers supports SSL cipher suites with short keys, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack against 1 SSL or 2 TLS traffic...

PrisonLocker Ransomware Emerges From Criminal Underground

Security researchers from Malware Must Die uncovered new ransomware called PrisonLocker, and said the malware author is either a legitimate security researcher or is posing as one via a personal blog and Twitter handle. Malware Must Die has monitored PrisonLocker’s development since spotting it f...

[Beast-Check] SSL/TLS BEAST Vulnerability Check

A small perl script that checks a target server whether it is prone to BEAST vulnerability via target preferred cipher. It assumes no workaround i.e. EMPTY FRAGMENT applied in target server. Some sources said this workaround was disabled by default for compatibility reasons. This may be the reaso...

[SSLSmart] Smart SSL Cipher Enumeration

SSLSmart is a highly flexible and interactive tool aimed at improving efficiency and reducing false positives during SSL testing. A number of tools allow users to test for supported SSL ciphers suites, but most only provide testers with a fixed set of cipher suites. Further testing is performed b...

[SSLDigger v1.02] Tool to assess the strength of SSL

SSLDigger v1.02 is a tool to assess the strength of SSL servers by testing the ciphers supported. Some of these ciphers are known to be insecure. Features: full Browser Support using Microsoft Internet Explorer Browser Control support for operating the tool in batch modefor operating on multiple...

nss: Null_Cipher() does not respect maxOutputLen (MFSA 2013-103)

Mozilla Network Security Services NSS 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets...

nss: Null_Cipher() does not respect maxOutputLen (MFSA 2013-103)

Mozilla Network Security Services NSS 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets...

nss: Null_Cipher() does not respect maxOutputLen (MFSA 2013-103)

Mozilla Network Security Services NSS 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets...

nss: Null_Cipher() does not respect maxOutputLen (MFSA 2013-103)

Mozilla Network Security Services NSS 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets...

IPMI Cipher Suite 0 (Cipher Zero) Authentication Bypass Vulnerability (IPMI Protocol)

Intelligent Platform Management Interface IPMI services are prone to an authentication bypass vulnerability through the use of cipher suite 0 aka cipher zero. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Twitter Implements Perfect Forward Secrecy

Twitter took another step toward not only securing the privacy of its users’ communication over the social network, but in warding off the prying eyes of government surveillance with the implementation of Perfect Forward Secrecy. The technology thwarts the efforts of anyone who may be collecting...

Updated firefox, rootcerts, nspr & nss packages fix security vulnerabilities

Updated nspr and nss packages fix security vulnerabilities: Potentially exploitable buffer overflow in NSS before 3.15.3 that allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets CVE-2013-5605. The CERTVerifyCert function in...

CVE-2013-2061

The openvpndecrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher...

CVE-2013-2061

The openvpndecrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher...

DEBIAN-CVE-2013-2061

The openvpndecrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher...

Firefox < 25.0.1 NSS and NSPR Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox is a version prior to 25.0.1 and is, therefore, potentially affected by the following vulnerabilities : - An error exists related to handling input greater than half the maximum size of the 'PRUint32' value. CVE-2013-1741 - An error exists in the 'NullCipher'...