192 matches found
FreeBSD -- SSL protocol flaw
Problem Description: The SSL version 3 and TLS protocols support session renegotiation without cryptographically tying the new session parameters to the old parameters...
Debian Security Advisory DSA 1935-1 (gnutls13 gnutls26)
The remote host is missing an update to gnutls13 gnutls26 announced via advisory DSA 1935-1. OpenVAS Vulnerability Test $Id: deb19351.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1935-1 gnutls13 gnutls26 Authors: Thomas Reinke Copyright: Copyright (c) 2009...
Protected Web Page Detection
The remote web server requires HTTP authentication for the following pages. Several authentication schemes are available: - Basic is the simplest, but the credentials are sent in cleartext. - NTLM provides an SSO in a Microsoft environment, but it cannot be used on both the proxy and the web...
RedHat Security Advisory RHSA-2009:1207
The remote host is missing updates to Netscape Portable Runtime (NSPR) and Network Security Services (NSS) announced in advisory RHSA-2009:1207. These updated packages upgrade NSS from the previous version, 3.12.2, to a prerelease of version 3.12.4. The version of NSPR has also been upgraded from 4.7...
Critical: Red Hat Security Advisory: nspr and nss security update
Updated nspr and nss packages that fix security issues are now available for Red Hat Enterprise Linux 5.2 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Response Team. Netscape Portable Runtime (NSPR) provides platform independence for...
CVE-2008-4107
The (1) rand and (2) mt_rand functions in PHP 5.2.6 do not produce cryptographically strong random numbers, which allows attackers to leverage exposures in products that rely on these functions for security-relevant functionality, as demonstrated by the password-reset functionality in Joomla! 1.5.x an...
Fedora 7 : bind-9.4.1-7.P1.fc7 (2007-1247)
CVE-2007-2925 - allow-query-cache/allow-recursion default acls not set - workaround - disable recursion or explicitly set allow-query-cache and allow-recursion acls - CVE-2007-2926 - cryptographically weak query id generator - 1 in 8 chance of guessing the next query id for 50% of the query ids -...
Fedora Core 6 : bind-9.3.4-7.P1.fc6 (2007-647)
CVE-2007-2926 - cryptographically weak query id generator - 1 in 8 chance of guessing the next query id for 50% of the query ids - allows cache-poisoning type of attack, no workaround, affect only outgoing queries Note that Tenable Network Security has extracted the preceding description block...
[slackware-security] bind
New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, and 12.0 to fix security issues. The first issue which allows remote attackers to make recursive queries only affects Slackware 12.0. More details about this issue may be found in the Common Vulnerabilities and...
CVE-2005-4197
tunnelform.yaws in Nortel SSL VPN 4.2.1.6 allows remote attackers to execute arbitrary commands via a link in the a parameter, which is executed with extra privileges in a cryptographically signed Java Applet...
PPTP Service Detection
The remote host seems to be running a PPTP VPN service. This service allows remote users to connect to the internal network and play a trusted role in it. This service should be protected with encrypted username & password combinations, and should be accessible only to trusted individuals. By defau...
Cisco Security Advisory: Vulnerability in Cisco Secure Access Control Server EAP-TLS Authentication
Cisco Security Advisory: Vulnerability in Cisco Secure Access Control Server EAP-TLS Authentication Revision 1.0 For Public Release 2004 November 2 1500 UTC (GMT) Contents Summary...