16 matches found
Linux Distros Unpatched Vulnerability : CVE-2008-7270
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSSL before 0.9.8j, when SSLOPNETSCAPEREUSECIPHERCHANGEBUG is enabled, does not prevent modification of the ciphersuite in the session cache, which allows...
OpenSSL: Multiple Vulnerabilities (CVE-2009-0129, CVE-2008-7270, CVE-2008-5077) - Windows
OpenSSL is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Oracle: Security Advisory (ELSA-2010-0978)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : openssl on SL4.x, SL5.x i386/x86_64
A ciphersuite downgrade flaw was found in the OpenSSL SSL/TLS server code. A remote attacker could possibly use this flaw to change the ciphersuite associated with a cached session stored on the server, if the server enabled the SSLOPNETSCAPEREUSECIPHERCHANGEBUG option, possibly forcing the clien...
VMSA-2011-0013 : VMware third-party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
a. ESX third-party update for Service Console openssl RPM The Service Console openssl RPM is updated to openssl-0.9.8e.12.el55.7 resolving two security issues. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2008-7270 and CVE-2010-4180 to these issues. b...
VMSA-2011-0013:VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
VMSA-2011-0013.3 VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2011-0013.3 VMware Security Advisory Synopsis: VMware third party component updates for VMware vCenter Server,...
CentOS Update for openssl CESA-2010:0978 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS Update for openssl CESA-2010:0977 centos4 i386
Check for the Version of openssl OpenVAS Vulnerability Test CentOS Update for openssl CESA-2010:0977 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
RHEL 5 : openssl (RHSA-2010:0978)
Updated openssl packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
RHEL 4 : openssl (RHSA-2010:0977)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0977 advisory. - openssl: NETSCAPEREUSECIPHERCHANGEBUG downgrade-to-disabled ciphersuite attack CVE-2008-7270 - openssl: missing bnwexpand return value...
CentOS 5 : openssl (CESA-2010:0978)
Updated openssl packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
[USN-1029-1] OpenSSL vulnerabilities
=========================================================== Ubuntu Security Notice USN-1029-1 December 08, 2010 openssl vulnerabilities CVE-2008-7270, CVE-2010-4180 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS...
Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : openssl vulnerabilities (USN-1029-1)
It was discovered that an old bug workaround in the SSL/TLS server code allowed an attacker to modify the stored session cache ciphersuite. This could possibly allow an attacker to downgrade the ciphersuite to a weaker one on subsequent connections. CVE-2010-4180 It was discovered that an old bug...
CVE-2008-7270
OpenSSL before 0.9.8j, when SSLOPNETSCAPEREUSECIPHERCHANGEBUG is enabled, does not prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the use of a disabled cipher via vectors involving sniffing network traffic to discover a session identifier, a...
CVE-2008-7270
CVE-2008-7270 affects OpenSSL before 0.9.8j when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, allowing an attacker to modify the session-cached ciphersuite and potentially force a disabled cipher. The issue is triggered by session cache handling and is distinct from CVE-2010-4180. Public d...
OpenSSL: Multiple Vulnerabilities (CVE-2009-0129, CVE-2008-7270, CVE-2008-5077) - Linux
OpenSSL is prone to multiple vulnerabilities. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...