Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/07 12:0 a.m.23 views

OpenSSL 0.9.6 < 0.9.6i Vulnerability

The version of OpenSSL installed on the remote host is prior to 0.9.6i. It is, therefore, affected by a vulnerability as referenced in the 0.9.6i advisory. - ssl3getrecord in s3pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher...

5CVSS8.3AI score0.13718EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/06/07 12:0 a.m.25 views

OpenSSL 0.9.7 < 0.9.7a Vulnerability

The version of OpenSSL installed on the remote host is prior to 0.9.7a. It is, therefore, affected by a vulnerability as referenced in the 0.9.7a advisory. - ssl3getrecord in s3pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher...

5CVSS8.3AI score0.13718EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2021/08/13 12:0 a.m.28 views

OpenSSL: Timing-based attacks on SSL/TLS with CBC encryption (CVE-2003-0078) - Windows

OpenSSL is prone to timing-based attacks on SSL/TLS with CBC encryption. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is fre...

5CVSS6.5AI score0.13718EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/08/13 12:0 a.m.21 views

OpenSSL: Timing-based attacks on SSL/TLS with CBC encryption (CVE-2003-0078) - Linux

OpenSSL is prone to timing-based attacks on SSL/TLS with CBC encryption. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is fre...

5CVSS6.5AI score0.13718EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.37 views

Debian DSA-253-1 : openssl - information leak

A vulnerability has been discovered in OpenSSL, a Secure Socket Layer SSL implementation. In an upcoming paper, Brice Canvel EPFL, Alain Hiltgen UBS, Serge Vaudenay EPFL, and Martin Vuagnoux EPFL, Ilion describe and demonstrate a timing-based attack on CBC cipher suites used in SSL and TLS. OpenS...

5CVSS7.8AI score0.13718EPSS
Exploits0References2
CVE
CVE
added 2004/09/01 4:0 a.m.95 views

CVE-2003-0078

CVE-2003-0078 affects OpenSSL: ssl3_get_record in s3_pkt.c does not perform a MAC when padding is incorrect, causing a timing side channel that could aid padding/MAC verification discrimination and potentially lead to plaintext recovery. The vulnerability applies to OpenSSL versions before 0.9.7a...

5CVSS9.2AI score0.13718EPSS
Exploits0References20Affected Software1
Debian CVE
Debian CVE
added 2004/09/01 4:0 a.m.24 views

CVE-2003-0078

ssl3getrecord in s3pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak timing discrepancy that may make it easier to launch cryptographic attacks that rely on distinguishing betwe...

5CVSS8.7AI score0.13718EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.40 views

Mandrake Linux Security Advisory : openssl (MDKSA-2003:020)

In an upcoming paper, Brice Canvel EPFL, Alain Hiltgen UBS, Serge Vaudenay EPFL, and Martin Vuagnoux EPFL, Ilion describe and demonstrate a timing-based attack on CBC ciphersuites in SSL and TLS. New versions of openssl have been released in response to this vulnerability 0.9.6i and 0.9.7a. The...

5CVSS7.9AI score0.13718EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2003/03/03 5:0 a.m.32 views

CVE-2003-0078

...

5CVSS9.4AI score0.13718EPSS
Exploits0References1
Rows per page
Query Builder