17 matches found
OpenSSL: Man in the Middle Attack (CVE-2005-2969) - Windows
OpenSSL is prone to a man in the middle attack. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OpenSSL: Man in the Middle Attack (CVE-2005-2969) - Linux
OpenSSL is prone to a man in the middle attack. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
RHEL 4 : Solaris client in Satellite Server (RHSA-2008:0264)
Red Hat Network Satellite Server version 5.0.2 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server Solaris client components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. This...
Solaris Update for kernel 120011-14
Check for the Version of kernel OpenVAS Vulnerability Test Solaris Update for kernel 120011-14 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...
Solaris 10 (sparc) : 121229-02
SunOS 5.10: libssl patch. Date this patch was last updated by Sun : Apr/23/07 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24. C Tenable Network Security, Inc. if ! definedfunc"bnrandom"...
[SECURITY] [DSA 888-1] New OpenSSL packages fix cryptographic weakness
-------------------------------------------------------------------------- Debian Security Advisory DSA 888-1 [email protected] http://www.debian.org/security/ Martin Schulze November 7th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 888-1] New OpenSSL packages fix cryptographic weakness
-------------------------------------------------------------------------- Debian Security Advisory DSA 888-1 [email protected] http://www.debian.org/security/ Martin Schulze November 7th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 882-1] New OpenSSL packages fix cryptographic weakness
-------------------------------------------------------------------------- Debian Security Advisory DSA 882-1 [email protected] http://www.debian.org/security/ Martin Schulze November 4th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 881-1] New OpenSSL 0.9.6 packages fix cryptographic weakness
-------------------------------------------------------------------------- Debian Security Advisory DSA 881-1 [email protected] http://www.debian.org/security/ Martin Schulze November 4th, 2005 http://www.debian.org/security/faq -...
SUSE-SA:2005:061: openssl
The remote host is missing the patch for the advisory SUSE-SA:2005:061 openssl. The openssl cryptographic libraries have been updated to fix a protocol downgrading attack which allows a man-in-the-middle attacker to force the usage of SSLv2. This happens due to the work-around code of...
Fedora Core 4 : openssl-0.9.7f-7.10 / openssl097a-0.9.7a-3.1 (2005-986)
The remote Fedora Core host is missing one or more security updates : openssl-0.9.7f-7.10 : - Wed Oct 12 2005 Tomas Mraz 0.9.7f-7.10 - fix CVE-2005-2969 - remove SSLOPMSIESSLV2RSAPADDING which disables the countermeasure against man in the middle attack in SSLv2 169863 - more fixes for constant...
Fedora Core 3 : openssl-0.9.7a-42.2 / openssl096b-0.9.6b-21.2 (2005-985)
The remote Fedora Core host is missing one or more security updates : openssl-0.9.7a-42.2 : - Tue Oct 11 2005 Tomas Mraz 0.9.7a-42.2 - fix CVE-2005-2969 - remove SSLOPMSIESSLV2RSAPADDING which disables the countermeasure against man in the middle attack in SSLv2 169863 - more fixes for constant...
RHEL 2.1 / 3 / 4 : openssl (RHSA-2005:800)
Updated OpenSSL packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that implements Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols as we...
Mandrake Linux Security Advisory : openssl (MDKSA-2005:179)
Yutaka Oiwa discovered vulnerability potentially affects applications that use the SSL/TLS server implementation provided by OpenSSL. Such applications are affected if they use the option SSLOPMSIESSLV2RSAPADDING. This option is implied by use of SSLOPALL, which is intended to work around various...
CVE-2005-2969
OpenSSL CVE-2005-2969 enables a protocol-version rollback attack (via SSL_OP_MSIE_SSLV2_RSA_PADDING) that can cause a client and server to negotiate a weaker protocol. Public disclosures in Debian advisories (DSA-875/881/882) show the fix across OpenSSL 0.9.4–0.9.7 lines with upgraded packages (e...
openssl, openssl095a, openssl096 security update
CentOS Errata and Security Advisory CESA-2005:800-01 Updated OpenSSL packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that implements Secure Sockets Layer SSL v2/v...
Vulnerability in OpenSSL CVE-2005-2969
A deprecated option, SSLOPMISESSLV2RSAPADDING, could allow an attacker acting as a “man in the middle” to force a connection to downgrade to SSL 2.0 even if both parties support better protocols. Found by researcher...