Lucene search
K

20 matches found

OpenVAS
OpenVAS
added 2015/10/08 12:0 a.m.35 views

Oracle: Security Advisory (ELSA-2009-1335)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.7AI score0.80134EPSS
Exploits20References2
Tenable Nessus
Tenable Nessus
added 2013/01/24 12:0 a.m.41 views

RHEL 5 : openssl (RHSA-2009:1335)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:1335 advisory. - openssl: mimehdrcmp NULL dereference crash CVE-2006-7250 - openssl: ASN1 printing crash CVE-2009-0590 - OpenSSL: DTLS epoch record buffer...

5CVSS7.4AI score0.80134EPSS
Exploits20References17
Tenable Nessus
Tenable Nessus
added 2010/06/01 12:0 a.m.47 views

VMSA-2010-0009 : ESXi ntp and ESX Service Console third-party updates

a. Service Console update for COS kernel Updated COS package 'kernel' addresses the security issues that are fixed through versions 2.6.18-164.11.1. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2009-2695, CVE-2009-2908, CVE-2009-3228, CVE-2009-3286,...

10CVSS7.4AI score0.80134EPSS
Exploits61References44
securityvulns
securityvulns
added 2010/04/26 12:0 a.m.119 views

[security bulletin] HPSBMA02492 SSRT100079 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02029444 Version: 1 HPSBMA02492 SSRT100079 rev.1 - HP System Management Homepage SMH for Linux and Windows, Remote Cross Site Scripting XSS, Denial of Service DoS, Execution of Arbitrary Code,...

10CVSS0.8AI score0.80134EPSS
Exploits23
ALT Linux
ALT Linux
added 2010/02/26 12:0 a.m.38 views

Security fix for the ALT Linux 9 package openssl10 version 0.9.8m-alt1

Feb. 26, 2010 Evgeny Sinelnikov 0.9.8m-alt1 - Updated to 0.9.8m with security fixes and improvements, including: + CVE-2009-3245, CVE-2008-1678 + CVE-2009-1377, CVE-2009-1378, CVE-2009-1379 + CVE-2009-1387 closes: 20280 + CVE-2009-4355 closes: 22817, 23037 + patch for Cisco VPN client DTLS...

10CVSS6.6AI score0.18241EPSS
Exploits18
ALT Linux
ALT Linux
added 2010/02/26 12:0 a.m.114 views

Security fix for the ALT Linux 9 package openssl1.1 version 0.9.8m-alt1

Feb. 26, 2010 Evgeny Sinelnikov 0.9.8m-alt1 - Updated to 0.9.8m with security fixes and improvements, including: + CVE-2009-3245, CVE-2008-1678 + CVE-2009-1377, CVE-2009-1378, CVE-2009-1379 + CVE-2009-1387 closes: 20280 + CVE-2009-4355 closes: 22817, 23037 + patch for Cisco VPN client DTLS...

10CVSS7AI score0.18241EPSS
Exploits18
ALT Linux
ALT Linux
added 2010/02/26 12:0 a.m.135 views

Security fix for the ALT Linux 8 package openssl10 version 0.9.8m-alt1

Feb. 26, 2010 Evgeny Sinelnikov 0.9.8m-alt1 - Updated to 0.9.8m with security fixes and improvements, including: + CVE-2009-3245, CVE-2008-1678 + CVE-2009-1377, CVE-2009-1378, CVE-2009-1379 + CVE-2009-1387 closes: 20280 + CVE-2009-4355 closes: 22817, 23037 + patch for Cisco VPN client DTLS...

10CVSS6.5AI score0.18241EPSS
Exploits18
ALT Linux
ALT Linux
added 2010/02/26 12:0 a.m.116 views

Security fix for the ALT Linux 6 package openssl10 version 0.9.8m-alt1

Feb. 26, 2010 Evgeny Sinelnikov 0.9.8m-alt1 - Updated to 0.9.8m with security fixes and improvements, including: + CVE-2009-3245, CVE-2008-1678 + CVE-2009-1377, CVE-2009-1378, CVE-2009-1379 + CVE-2009-1387 closes: 20280 + CVE-2009-4355 closes: 22817, 23037 + patch for Cisco VPN client DTLS...

10CVSS7.2AI score0.18241EPSS
Exploits18
OpenVAS
OpenVAS
added 2009/12/14 12:0 a.m.32 views

Gentoo Security Advisory GLSA 200912-01 (openssl)

The remote host is missing updates announced in advisory GLSA 200912-01. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

5.8CVSS0.3AI score0.87264EPSS
Exploits29
OpenVAS
OpenVAS
added 2009/10/11 12:0 a.m.35 views

SLES11: Security update for OpenSSL

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: libopenssl098 openssl openssl-doc More details may also be found by searching for the SuSE Enterprise Server 11 patch database linked in the references...

5CVSS7.1AI score0.80134EPSS
Exploits10References2
OpenVAS
OpenVAS
added 2009/09/28 12:0 a.m.48 views

Mandrake Security Advisory MDVSA-2009:238 (openssl)

The remote host is missing an update to openssl announced via advisory MDVSA-2009:238. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

5.1CVSS6.7AI score0.80134EPSS
Exploits12References1
Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.41 views

SuSE 11 Security Update : OpenSSL (SAT Patch Number 990)

OpenSSL DTLS remote DoS in ChangeCipherSpec CVE-2009-1386 and in out-of-sequence message handling CVE-2009-1387 have been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text...

5CVSS6.9AI score0.80134EPSS
Exploits10References5
OpenVAS
OpenVAS
added 2009/09/21 12:0 a.m.31 views

CentOS Security Advisory CESA-2009:1335 (openssl)

The remote host is missing updates to openssl announced in advisory CESA-2009:1335. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

5CVSS7.5AI score0.80134EPSS
Exploits20References2
OSV
OSV
added 2009/09/16 12:0 a.m.39 views

DSA-1888-1 openssl - cryptographic weakness

Bulletin has no description...

5.1CVSS6.8AI score0.04506EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/07/21 12:0 a.m.56 views

openSUSE Security Update : libopenssl-devel (libopenssl-devel-974)

OpenSSL DTLS remote DoS in ChangeCipherSpec CVE-2009-1386 and in out-of-sequence message handling CVE-2009-1387 have been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

5CVSS6.9AI score0.80134EPSS
Exploits10References3
Tenable Nessus
Tenable Nessus
added 2009/06/26 12:0 a.m.47 views

Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : openssl vulnerabilities (USN-792-1)

It was discovered that OpenSSL did not limit the number of DTLS records it would buffer when they arrived with a future epoch. A remote attacker could cause a denial of service via memory resource consumption by sending a large number of crafted requests. CVE-2009-1377 It was discovered that...

5CVSS7.1AI score0.80134EPSS
Exploits20References6
seebug.org
seebug.org
added 2009/06/22 12:0 a.m.110 views

OpenSSL dtls1_retrieve_buffered_fragment()函数握手消息拒绝服务漏洞

BUGTRAQ ID: 35417 CVECAN ID: CVE-2009-1387 OpenSSL是一种开放源码的SSL实现,用来实现网络通信的高强度加密,现在被广泛地用于各种网络应用程序中。 OpenSSL在接收到带有非预期序列号的握手消息时会将其传送给dtls1processoutofseqmessage函数。如果序列号低于预期值,这个函数会丢弃数据;如果为之后的消息,函数会缓冲数据。在丢弃数据时,消息碎片长度保持为0,说明没有缓冲任何数据。由于检查长度所用的错误if条件,有时会缓冲没有数据但长度为丢弃消息长度的碎片,之后在进行处理的时候会导致总线错误。 OpenSSL 0.9.x...

5CVSS0.10254EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2009/06/18 12:0 a.m.34 views

openSUSE 10 Security Update : libopenssl-devel (libopenssl-devel-6291)

OpenSSL DTLS remote DoS in ChangeCipherSpec CVE-2009-1386 and in out-of-sequence message handling CVE-2009-1387 have been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

5CVSS6.9AI score0.80134EPSS
Exploits10References2
NVD
NVD
added 2009/06/04 4:30 p.m.22 views

CVE-2009-1387

The dtls1retrievebufferedfragment function in ssl/d1both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an out-of-sequence DTLS handshake message, related to a "fragment bug."...

5CVSS7.2AI score0.10254EPSS
Exploits1References22
CVE
CVE
added 2009/06/04 4:0 p.m.139 views

CVE-2009-1387

CVE-2009-1387 affects the OpenSSL DTLS implementation. The vulnerability resides in the function dtls1_retrieve_buffered_fragment (ssl/d1_both.c) in OpenSSL before 1.0.0 Beta 2, where an out-of-sequence DTLS handshake message can trigger a NULL pointer dereference and daemon crash, i.e., a denial...

5CVSS6.4AI score0.10254EPSS
Exploits1References22Affected Software1
Rows per page
Query Builder