Lucene search
K

16 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/03 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2008-7270

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSSL before 0.9.8j, when SSLOPNETSCAPEREUSECIPHERCHANGEBUG is enabled, does not prevent modification of the ciphersuite in the session cache, which allows...

4.3CVSS7AI score0.03426EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/08/30 12:0 a.m.22 views

OpenSSL: Multiple Vulnerabilities (CVE-2009-0129, CVE-2008-7270, CVE-2008-5077) - Windows

OpenSSL is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.8CVSS7.2AI score0.05146EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.24 views

Oracle: Security Advisory (ELSA-2010-0978)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS7.2AI score0.09497EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.35 views

Scientific Linux Security Update : openssl on SL4.x, SL5.x i386/x86_64

A ciphersuite downgrade flaw was found in the OpenSSL SSL/TLS server code. A remote attacker could possibly use this flaw to change the ciphersuite associated with a cached session stored on the server, if the server enabled the SSLOPNETSCAPEREUSECIPHERCHANGEBUG option, possibly forcing the clien...

10CVSS6.9AI score0.09497EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2011/10/28 12:0 a.m.50 views

VMSA-2011-0013 : VMware third-party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX

a. ESX third-party update for Service Console openssl RPM The Service Console openssl RPM is updated to openssl-0.9.8e.12.el55.7 resolving two security issues. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2008-7270 and CVE-2010-4180 to these issues. b...

10CVSS8.1AI score0.8425EPSS
Exploits29References65
VMware
VMware
added 2011/10/25 12:0 a.m.154 views

VMSA-2011-0013:VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX

VMSA-2011-0013.3 VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2011-0013.3 VMware Security Advisory Synopsis: VMware third party component updates for VMware vCenter Server,...

10CVSS9.4AI score0.8425EPSS
Exploits29References3Affected Software5
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.29 views

CentOS Update for openssl CESA-2010:0978 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

4.3CVSS7AI score0.09497EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2011/01/31 12:0 a.m.28 views

CentOS Update for openssl CESA-2010:0977 centos4 i386

Check for the Version of openssl OpenVAS Vulnerability Test CentOS Update for openssl CESA-2010:0977 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

10CVSS7.2AI score0.09497EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2010/12/14 12:0 a.m.37 views

RHEL 5 : openssl (RHSA-2010:0978)

Updated openssl packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

4.3CVSS6.9AI score0.09497EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2010/12/14 12:0 a.m.40 views

RHEL 4 : openssl (RHSA-2010:0977)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0977 advisory. - openssl: NETSCAPEREUSECIPHERCHANGEBUG downgrade-to-disabled ciphersuite attack CVE-2008-7270 - openssl: missing bnwexpand return value...

10CVSS7.1AI score0.09497EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2010/12/14 12:0 a.m.37 views

CentOS 5 : openssl (CESA-2010:0978)

Updated openssl packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

4.3CVSS6.9AI score0.09497EPSS
Exploits0References4
securityvulns
securityvulns
added 2010/12/09 12:0 a.m.76 views

[USN-1029-1] OpenSSL vulnerabilities

=========================================================== Ubuntu Security Notice USN-1029-1 December 08, 2010 openssl vulnerabilities CVE-2008-7270, CVE-2010-4180 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS...

4.3CVSS0.3AI score0.09497EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/12/08 12:0 a.m.37 views

Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : openssl vulnerabilities (USN-1029-1)

It was discovered that an old bug workaround in the SSL/TLS server code allowed an attacker to modify the stored session cache ciphersuite. This could possibly allow an attacker to downgrade the ciphersuite to a weaker one on subsequent connections. CVE-2010-4180 It was discovered that an old bug...

4.3CVSS7AI score0.09497EPSS
Exploits0References3
OSV
OSV
added 2010/12/06 10:30 p.m.7 views

CVE-2008-7270

OpenSSL before 0.9.8j, when SSLOPNETSCAPEREUSECIPHERCHANGEBUG is enabled, does not prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the use of a disabled cipher via vectors involving sniffing network traffic to discover a session identifier, a...

7.2AI score
Exploits0References10
CVE
CVE
added 2010/12/06 10:0 p.m.110 views

CVE-2008-7270

CVE-2008-7270 affects OpenSSL before 0.9.8j when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, allowing an attacker to modify the session-cached ciphersuite and potentially force a disabled cipher. The issue is triggered by session cache handling and is distinct from CVE-2010-4180. Public d...

4.3CVSS8.1AI score0.03426EPSS
Exploits0References10Affected Software1
OpenVAS
OpenVAS
added 2009/01/09 12:0 a.m.22 views

OpenSSL: Multiple Vulnerabilities (CVE-2009-0129, CVE-2008-7270, CVE-2008-5077) - Linux

OpenSSL is prone to multiple vulnerabilities. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.8CVSS7.3AI score0.05146EPSS
Exploits2References5
Rows per page
Query Builder