Lucene search
+L

916 matches found

Tenable Nessus
Tenable Nessus
added 2010/06/16 12:0 a.m.61 views

Apache Tomcat 4.x < 4.1.32 Multiple Vulnerabilities

According to its self-reported version number, the instance of Apache Tomcat 4.x listening on the remote host is prior to 4.1.32. It is, therefore, affected by the following vulnerabilities : - The remote Apache Tomcat install is vulnerable to a denial of service attack. If directory listing is...

5CVSS4.9AI score0.72168EPSS
Exploits10References8
OpenVAS
OpenVAS
added 2010/04/16 12:0 a.m.139 views

SSL/TLS: Cipher Settings

This plugin allows to overwrite the internal classification of SSL/TLS Ciphers used for the reporting of Strong, Medium and Weak Ciphers within the following VTs: - SSL/TLS: Report Non Weak Cipher Suites OID: 1.3.6.1.4.1.25623.1.0.103441 - SSL/TLS: Report Medium Cipher Suites OID:...

7.3AI score
Exploits0
UbuntuCve
UbuntuCve
added 2008/11/19 5:30 p.m.39 views

CVE-2008-5161

Error handling in the SSH protocol in 1 SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1;...

3.7CVSS6.8AI score0.15395EPSS
Exploits1References2
Nmap
Nmap
added 2008/11/06 2:52 a.m.276 views

sslv2 NSE Script

Determines whether the server supports obsolete and less secure SSLv2, and discovers which ciphers it supports. Script Arguments mssql.domain, mssql.instance-all, mssql.instance-name, mssql.instance-port, mssql.password, mssql.protocol, mssql.scanned-ports-only, mssql.timeout, mssql.username See...

10CVSS9.4AI score0.99448EPSS
Exploits33
RedHat Linux
RedHat Linux
added 2008/08/13 2:16 p.m.15 views

openssl get_shared_ciphers overflow

Buffer overflow in the SSLgetsharedciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers...

10CVSS7AI score0.48575EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2008/05/20 2:15 p.m.5 views

openssl get_shared_ciphers overflow

Buffer overflow in the SSLgetsharedciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers...

10CVSS7AI score0.48575EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2008/03/28 12:0 a.m.2503 views

SSL Anonymous Cipher Suites Supported

The remote host supports the use of anonymous SSL ciphers. While this enables an administrator to set up a service that encrypts traffic without having to generate and configure SSL certificates, it offers no way to verify the remote host's identity and renders the service vulnerable to a...

2.6CVSS5.3AI score0.18254EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2008/03/26 12:0 a.m.51 views

SuSE 10 Security Update : Tomcat 5 (ZYPP Patch Number 5070)

This update of tomcat fixes cross-site scripting bugs CVE-2007-2449 as well as it improves the list of supported SSL ciphers. CVE-2007-1858 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...

4.3CVSS4.7AI score0.77376EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2008/03/26 12:0 a.m.39 views

openSUSE 10 Security Update : apache2-mod_jk (apache2-mod_jk-5066)

This update of tomcat improves the list of supported SSL ciphers CVE-2007-1858. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update apache2-modjk-5066. The text description of this plugin is C SUS...

2.6CVSS5.2AI score0.18254EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2008/03/26 12:0 a.m.52 views

openSUSE 10 Security Update : tomcat5 (tomcat5-5071)

This update of tomcat fixes cross-site-scripting bugs CVE-2007-2449 as well as it improves the list of supported SSL ciphers CVE-2007-1858. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

4.3CVSS5AI score0.77376EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2007/11/26 1:56 p.m.9 views

tomcat anonymous cipher issue

The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts...

2.6CVSS5.9AI score0.18254EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/11/15 1:22 p.m.2 views

openssl: SSL_get_shared_ciphers() off-by-one

Off-by-one error in the SSLgetsharedciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738...

6.8CVSS7.5AI score0.16061EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/10/22 10:36 a.m.5 views

openssl: SSL_get_shared_ciphers() off-by-one

Off-by-one error in the SSLgetsharedciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738...

6.8CVSS7.5AI score0.16061EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/10/12 11:1 a.m.8 views

openssl: SSL_get_shared_ciphers() off-by-one

Off-by-one error in the SSLgetsharedciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738...

6.8CVSS7.7AI score0.16061EPSS
Exploits0References4
OSV
OSV
added 2007/09/27 8:17 p.m.3 views

DEBIAN-CVE-2007-5135

Off-by-one error in the SSLgetsharedciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738...

6.8CVSS9.9AI score0.16061EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2007/05/21 12:13 p.m.9 views

tomcat anonymous cipher issue

The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts...

2.6CVSS5.9AI score0.18254EPSS
Exploits0References4
NVD
NVD
added 2007/05/10 12:19 a.m.29 views

CVE-2007-1858

The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts...

2.6CVSS6.1AI score0.18254EPSS
Exploits0References22
UbuntuCve
UbuntuCve
added 2007/05/10 12:19 a.m.53 views

CVE-2007-1858

The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts...

2.6CVSS5.9AI score0.18254EPSS
Exploits0References1
Prion
Prion
added 2007/05/10 12:19 a.m.23 views

Design/Logic Flaw

The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts...

2.6CVSS6.1AI score0.18254EPSS
Exploits0References22Affected Software1
RedHat Linux
RedHat Linux
added 2007/05/08 2:53 p.m.6 views

tomcat anonymous cipher issue

The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts...

2.6CVSS5.9AI score0.18254EPSS
Exploits0References4
Rows per page
Query Builder