Security Bulletin: Vulnerabilities in SSL and TLS protocols affects SAN Volume Controller and Storwize Family (CVE-2011-3389)

Summary Security Bulletin: Vulnerabilities in SSL and TLS protocols affects SAN Volume Controller and Storwize Family CVE-2011-3389 Vulnerability Details Security Bulletin --- Summary --- SSL and TLS vulnerabilities were disclosed in September 2011. This vulnerability has been referred to as the...

Debian: Security Advisory (DLA-400-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2011-3389

creationtimestamp| type| source ---|---|--- 2022-11-07 22:22:31+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ssl/sslversion.rb 2024-01-08 12:19:23+00:00| seen| https://t.me/ETHICALHACKERSCOMMUNITY2/3548 2024-02-15 00:48:21+00:00| seen|...

Security Bulletin: Vulnerability in Transport Layer Security Protocol Used in IBM System Networking Ethernet Switches (CVE-2011-3389)

Abstract Earlier versions of the Transport Layer Security TLS protocol are affected by a publicly disclosed vulnerability that could allow information disclosure if an attacker is carrying out a man-in-the-middle attack. Customers can avoid the vulnerability by following workarounds recommended b...

Security Bulletin: Vulnerabilities in SSL and TLS protocols affects SAN Volume Controller and Storwize Family (CVE-2011-3389)

Summary SSL and TLS vulnerabilities were disclosed in September 2011. This vulnerability has been referred to as the “BEAST” attack. SSL protocol is used by SAN Volume Controller and Storwize Family. Vulnerability Details CVE-ID : CVE-2011-3389 DESCRIPTION : Multiple products could allow a remote...

Security Bulletin: IBM System x and Flex Systems Browser Exploit Against SSL/TLS (BEAST) Mitigations (CVE-2011-3389)

Summary Security Bulletin: IBM System x and Flex Systems Browser Exploit Against SSL/TLS BEAST Mitigations CVE-2011-3389 Vulnerability Details Summary The SSL 3.0 and TLS 1.0 protocols when used with Cipher Block Chaining CBC mode with chained initialization vectors may allow man-in-the-middle...

Python < 2.6.8, 2.7.x < 2.7.3, 3.1.x < 3.1.5, 3.2.x < 3.2.3 'ssl CBC IV attack' (bpo-13885) - Linux

Python is prone to an improper input validation vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...

SUSE: Security Advisory (SUSE-SU-2012:0122-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2012:0114-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2012:0565-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2012:0114-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SSL/TLS: Deprecated TLSv1.0 and TLSv1.1 Protocol Detection

It was possible to detect the usage of the deprecated TLSv1.0 and/or TLSv1.1 protocol on this system. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

ICSA-19-192-04 Siemens SIMATIC RF6XXR

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION : Exploitable remotely/public exploits are available Vendor : Siemens Equipment : SIMATIC RF6XXR Vulnerabilities : Improper Input Validation, Cryptographic Issues 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow access to...

Security Bulletin: Vulnerabilities in SSL and TLS protocols affect the IBM FlashSystem V840 (CVE-2011-3389)

Summary SSL and TLS vulnerabilities were disclosed in September 2011. This vulnerability has been referred to as the “BEAST” attack. SSL protocol is used by the IBM FlashSystem V840. Vulnerability Details CVE-ID: CVE-2011-3389 DESCRIPTION: Multiple products could allow a remote attacker to obtain...

Solaris 10 (x86) : 125359-15 (BEAST)

NSSNSPRJSS 3.13.1 Solarisx86: NSPR 4.8.9 / NSS 3.13.1 / JSS 4.3. Date this patch was last updated by Sun : Feb/08/12 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...

Solaris 10 (sparc) : 119213-27 (BEAST)

NSSNSPRJSS 3.13.1: NSPR 4.8.9 / NSS 3.13.1 / JSS 4.3.2. Date this patch was last updated by Sun : Feb/08/12 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...

Blockwise Chosen-boundary Attacks

github.com/openshift/origin is vulnerable to blockwise chosen-boundary attacks aka the "BEAST" attack. It encrypts data by using CBC mode with chained initialization vectors which allows attackers to obtain plaintext HTTP headers through blockwise chosen-boundary attacks on HTTPS sessions. This...

[SECURITY] [DLA 400-1] pound security update

Package : pound Version : 2.6-1+deb6u1 CVE ID : CVE-2009-3555 CVE-2011-3389 CVE-2012-4929 CVE-2014-3566 This update fixes certain known vulnerabilities in pound in squeeze-lts by backporting the version in wheezy. CVE-2009-3555 The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as...

Oracle: Security Advisory (ELSA-2011-1380)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2011-10)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...