Lucene search
K

192 matches found

FreeBSD
FreeBSD
added 2009/12/03 12:0 a.m.21 views

FreeBSD -- SSL protocol flaw

Problem Description: The SSL version 3 and TLS protocols support session renegotiation without cryptographically tying the new session parameters to the old parameters...

2.7AI score
Exploits0
OpenVAS
OpenVAS
added 2009/11/23 12:0 a.m.29 views

Debian Security Advisory DSA 1935-1 (gnutls13 gnutls26)

The remote host is missing an update to gnutls13 gnutls26 announced via advisory DSA 1935-1. OpenVAS Vulnerability Test $Id: deb19351.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1935-1 gnutls13 gnutls26 Authors: Thomas Reinke Copyright: Copyright c 2009...

7.5CVSS0.4AI score0.04506EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/08/21 12:0 a.m.94 views

Protected Web Page Detection

The remote web server requires HTTP authentication for the following pages. Several authentication schemes are available : - Basic is the simplest, but the credentials are sent in cleartext. - NTLM provides an SSO in a Microsoft environment, but it cannot be used on both the proxy and the web...

5.5AI score
Exploits0
OpenVAS
OpenVAS
added 2009/08/17 12:0 a.m.40 views

RedHat Security Advisory RHSA-2009:1207

The remote host is missing updates to Netscape Portable Runtime NSPR and Network Security Services NSS announced in advisory RHSA-2009:1207. These updated packages upgrade NSS from the previous version, 3.12.2, to a prerelease of version 3.12.4. The version of NSPR has also been upgraded from 4.7...

9.3CVSS7.2AI score0.05741EPSS
Exploits5References2
RedHat Linux
RedHat Linux
added 2009/08/12 2:31 p.m.49 views

Critical: Red Hat Security Advisory: nspr and nss security update

Updated nspr and nss packages that fix security issues are now available for Red Hat Enterprise Linux 5.2 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Response Team. Netscape Portable Runtime NSPR provides platform independence for...

9.3CVSS7.2AI score0.05741EPSS
Exploits5References4
UbuntuCve
UbuntuCve
added 2008/09/18 5:59 p.m.37 views

CVE-2008-4107

The 1 rand and 2 mtrand functions in PHP 5.2.6 do not produce cryptographically strong random numbers, which allows attackers to leverage exposures in products that rely on these functions for security-relevant functionality, as demonstrated by the password-reset functionality in Joomla! 1.5.x an...

5.1CVSS5.9AI score0.03013EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2007/11/06 12:0 a.m.32 views

Fedora 7 : bind-9.4.1-7.P1.fc7 (2007-1247)

CVE-2007-2925 - allow-query-cache/allow-recursion default acls not set - workaround - disable recursion or explicitly set allow-query-cache and allow-recursion acls - CVE-2007-2926 - cryptographically weak query id generator - 1 in 8 chance of guessing the next query id for 50% of the query ids -...

5.8CVSS6.6AI score0.1309EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2007/07/27 12:0 a.m.29 views

Fedora Core 6 : bind-9.3.4-7.P1.fc6 (2007-647)

CVE-2007-2926 - cryptographically weak query id generator - 1 in 8 chance of guessing the next query id for 50% of the query ids - allows cache-poisoning type of attack, no workaround, affect only outgoing queries Note that Tenable Network Security has extracted the preceding description block...

4.3CVSS6.6AI score0.1309EPSS
Exploits0References1
Slackware Linux
Slackware Linux
added 2007/07/26 10:15 p.m.40 views

[slackware-security] bind

New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, and 12.0 to fix security issues. The first issue which allows remote attackers to make recursive queries only affects Slackware 12.0. More details about this issue may be found in the Common Vulnerabilities and...

5.8CVSS7.7AI score0.1309EPSS
Exploits0
NVD
NVD
added 2005/12/13 11:3 a.m.12 views

CVE-2005-4197

tunnelform.yaws in Nortel SSL VPN 4.2.1.6 allows remote attackers to execute arbitrary commands via a link in the a parameter, which is executed with extra privileges in a cryptographically signed Java Applet...

7.5CVSS7.6AI score0.11852EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.17 views

PPTP Service Detection

The remote host seems to be running a PPTP VPN service, this service allows remote users to connect to the internal network and play a trusted rule in it. This service should be protect with encrypted username & password combinations, and should be accessible only to trusted individuals. By defau...

6.8AI score
Exploits0References1
securityvulns
securityvulns
added 2004/11/03 12:0 a.m.20 views

Cisco Security Advisory: Vulnerability in Cisco Secure Access Control Server EAP-TLS Authentication

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Vulnerability in Cisco Secure Access Control Server EAP-TLS Authentication Revision 1.0 For Public Release 2004 November 2 1500 UTC GMT - ---------------------------------------------------------------------- Contents Summary...

Exploits0
Rows per page
Query Builder