Lucene search
K

42 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2013-0166

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCS...

5CVSS7.3AI score0.1965EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2023/02/21 7:29 p.m.42 views

K14261: OpenSSL OCSP vulnerability CVE-2013-0166

Security Advisory Description OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for Online Certificate Status Protocol OCSP responses, which allow remote attackers to cause a denial-of-service DoS NULL pointer dereference and...

8AI score
Exploits0Affected Software13
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/26 3:31 a.m.36 views

Security Bulletin: Multiple vulnerabilities exist in the OpenSSL component of IBM Initiate Master Data Service and IBM InfoSphere Master Data Management Standard Edition (CVE-2013-0166, CVE-2013-0166, CVE-2012-2686)

Abstract Three security vulnerabilities exist in the version of OpenSSL shipped with IBM Initiate Master Data Service and IBM InfoSphere Master Data Management Standard Edition. See the individual descriptions for the details. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0166 DESCRIPTION: A fl...

5CVSS0.2AI score0.39593EPSS
Exploits3Affected Software2
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.23 views

Slackware: Security Advisory (SSA:2013-040-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.8AI score0.39593EPSS
Exploits3References3
OpenVAS
OpenVAS
added 2021/08/17 12:0 a.m.25 views

OpenSSL: OCSP Invalid Key DoS Issue (20130205) - Windows

OpenSSL is prone to a denial of service attack. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5CVSS7.4AI score0.1965EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2013:0549-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.4AI score0.35584EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2013:0554-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.3AI score0.35584EPSS
Exploits2References2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 2:37 p.m.45 views

Security Bulletin: IBM Tivoli Network Manager - GSKit Security Vulnerabilities (CVE-2013-0169), (CVE-2012-2190) and (CVE-2013-0166)

Summary OpenSSL Security Advisory updates Feb 2013: GSKit Lucky 13 TLS CBC Timing Attack - CVE-2013-0169. A vulnerability in relation to Session ID Lengths and SSL/TLS Server has been discovered that impacts GSKit - CVE-2012-2190. OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1...

5CVSS2.1AI score0.35584EPSS
Exploits2Affected Software1
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.36 views

Oracle: Security Advisory (ELSA-2013-0587)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.9AI score0.35584EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.37 views

Gentoo Security Advisory GLSA 201312-03

Gentoo Linux Local Security Checks GLSA 201312-03 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

7.5CVSS6.2AI score0.48298EPSS
Exploits12References1
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.29 views

Amazon Linux: Security Advisory (ALAS-2013-171)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.9AI score0.35584EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2014/12/22 12:0 a.m.79 views

Juniper Junos Space < 14.1R1 Multiple Vulnerabilities (JSA10659)

According to its self-reported version number, the remote Junos Space version is prior to 14.1R1. It is, therefore, affected by multiple vulnerabilities in bundled third party software components : - Multiple vulnerabilities in the bundled OpenSSL CentOS package. CVE-2011-4109, CVE-2011-4576,...

9.3CVSS7.7AI score0.95326EPSS
Exploits18References18
Tenable Nessus
Tenable Nessus
added 2014/12/05 12:0 a.m.34 views

SuSE 11.3 Security Update : compat-openssl097g (SAT Patch Number 10033)

The SLES 9 compatibility package compat-openssl097g received a roll up update fixing various security issues : - Build option no-ssl3 is incomplete. CVE-2014-3568 - Add support for TLSFALLBACKSCSV. CVE-2014-3566 - Information leak in pretty printing functions. CVE-2014-3508 - OCSP bad key DoS...

7.4CVSS7.5AI score0.99999EPSS
Exploits16References20
Tenable Nessus
Tenable Nessus
added 2014/11/08 12:0 a.m.44 views

RHEL 6 : rhev-hypervisor6 (RHSA-2013:0636)

An updated rhev-hypervisor6 package that fixes several security issues and various bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

9.3CVSS7.4AI score0.35584EPSS
Exploits11References12
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.50 views

openSUSE Security Update : openssl (openSUSE-SU-2013:0336-1)

openssl was updated to 1.0.0k security release to fix bugs and security issues. bnc802648 bnc802746 The version was upgraded to avoid backporting the large fixes for SSL, TLS and DTLS Plaintext Recovery Attack CVE-2013-0169 TLS 1.1 and 1.2 AES-NI crash CVE-2012-2686 OCSP invalid key DoS issue...

7.5CVSS6.4AI score0.48298EPSS
Exploits11References16
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.36 views

openSUSE Security Update : openssl (openSUSE-SU-2013:0337-1)

openssl was updated to 1.0.1e, fixing bugs and security issues : o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version. o Include the fips configuration module. o Fix OCSP bad key DoS attack CVE-2013-0166 bnc802746 o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169...

5CVSS6.3AI score0.39593EPSS
Exploits3References8
Tenable Nessus
Tenable Nessus
added 2014/04/16 12:0 a.m.60 views

AIX OpenSSL Advisory : openssl_advisory5.asc

The version of OpenSSL running on the remote host is affected by the following vulnerabilities : - The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side- channel attacks on a MAC check...

5CVSS6.4AI score0.35584EPSS
Exploits1References4
VMware
VMware
added 2013/07/31 12:0 a.m.38 views

VMware vSphere, ESX and ESXi updates to third party libraries

a. vCenter Server and ESX userworld update for OpenSSL library The userworld OpenSSL library is updated to version openssl-0.9.8y to resolve multiple security issues.The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2013-0169 and CVE-2013-0166 to these...

6.9CVSS2.8AI score0.35584EPSS
Exploits6References4Affected Software3
VMware
VMware
added 2013/07/29 12:0 a.m.118 views

VMSA-2013-0009:VMware vSphere, ESX and ESXi updates to third party libraries

VMSA-2013-0009.3 VMware vSphere, ESX and ESXi updates to third party libraries VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2013-0009.3 VMware Security Advisory Synopsis: VMware vSphere, ESX and ESXi updates to third party libraries VMware Security Advisory Issue date:...

6.9CVSS6.8AI score0.35584EPSS
Exploits10References2Affected Software3
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.41 views

Oracle Linux 5 / 6 : openssl (ELSA-2013-0587)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-0587 advisory. - fix for CVE-2013-0169 - SSL/TLS CBC timing attack 907589 - fix for CVE-2013-0166 - DoS in OCSP signatures checking 908052 - enable compression on...

5CVSS7.1AI score0.35584EPSS
Exploits2References4
Rows per page
Query Builder