35 matches found
SUSE CVE-2014-3511
The ssl23getclienthello function in s23srvr.c in OpenSSL 1.0.1 before 1.0.1i allows man-in-the-middle attackers to force the use of TLS 1.0 by triggering ClientHello message fragmentation in communication between a client and server that both support later TLS versions, related to a "protocol...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM SAN Volume Controller and Storwize Family (CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3509, CVE-2014-3510, CVE-2014-3511)
Summary Vulnerabilities in OpenSSL could allow a remote attacker to execute arbitrary code or cause a denial of service. Vulnerability Details CVE-ID:CVE-2014-3509 DESCRIPTION : OpenSSL is vulnerable to a denial of service, caused by a race condition in the sslparseserverhellotlsext code. If a...
Security Bulletin: Network Intrusion Prevention System is affected by multiple OpenSSL vulnerabilities (CVE-2014-3508, CVE-2014-3509, CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3510, CVE-2014-3511)
Summary Security vulnerabilities have been discovered in OpenSSL components used by IBM Security Network Intrusion Prevention System. Vulnerability Details CVE-ID: CVE-2014-3509 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a race condition in the sslparseserverhellotlsext...
Mageia: Security Advisory (MGASA-2014-0325)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: GPFS V3.5 for Windows is affected by OpenSSL vulnerabilities (CVE-2014-3512, CVE-2014-3509, CVE-2014-3506, CVE-2014-3507, CVE-2014-3511, CVE-2014-3505, CVE-2014-3510, CVE-2014-3508, CVE-2014-5139)
Summary Security vulnerabilities have been identified in the level of OpenSSL that is currently shipped with GPFS V3.5.0.11, or later, on Windows. The current level of OpenSSL could allow a remote attacker to : - Cause a denial of service CVE-2014-3512, CVE-2014-3509, CVE-2014-3506, CVE-2014-3507...
Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2020-1637)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: OpenSSL vulnerabilities announced August 6th 2014 affect Juniper EX Series Network Switches sold by IBM for use in IBM Products (9 CVEs)
Summary The 9 OpenSSL vulnerabilities announced August 6th 2014 are fixed as detailed below. Vulnerability Details Abstract The 9 OpenSSL vulnerabilities announced August 6th 2014 are fixed as detailed below. Content Vulnerability Details: CVE-ID: CVE-2014-3505 Description: OpenSSL is vulnerable ...
Security Bulletin: Multiple vulnerabilities in OpenSSL affect Upward Integration Modules (UIM) (CVE-2014-3508, CVE-2014-5139, CVE-2014-3509, CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3510, CVE-2014-3511, CVE-2014-3512)
Summary There are multiple vulnerabilities in OpenSSL that is used by Upward Integration Modules UIM. These issues were disclosed on August 6, 2014 by the OpenSSL Project. Vulnerability Details Summary There are multiple vulnerabilities in OpenSSL that is used by Upward Integration Modules UIM...
Security Bulletin: Multiple potential vulnerabilities in OpenSSL fixed in Chassis Management Module (CMM) (CVE-2014-3509, CVE-2014-3506, CVE-2014-3507, CVE-2014-3511, CVE-2014-3505, CVE-2014-3510, CVE-2014-3508)
Summary OpenSSL disclosed several vulnerabilities in August 2014. Seven of those vulnerabilities apply to the version of OpenSSL used by Flex Systems Chassis Management Module CMM. Vulnerability Details Abstract OpenSSL disclosed several vulnerabilities in August 2014. Seven of those...
Security Bulletin: Multiple Vulnerabilities in Current Release of IBM® SDK for Node.js™
Summary Multiple vulnerabilities in OpenSSL disclosed on August 6, 2014 by the OpenSSL Project, plus a vulnerability in the V8 JavaScript engine Vulnerability Details CVE-ID: CVE-2014-3512 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an internal buffer overrun. A remote...
Security Bulletin: Multiple vulnerabilities in OpenSSL affect Rational ClearCase (CVE-2014-5139, CVE-2014-3509, CVE-2014-3511)
Summary There are multiple vulnerabilities in OpenSSL that is used by affect Rational ClearCase. These issues were disclosed on August 6, 2014 by the OpenSSL Project. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this li...
Security Bulletin: Network Protection is affected by multiple OpenSSL vulnerabilities (CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3510, CVE-2014-3511)
Summary Multiple security vulnerabilities have been discovered in OpenSSL version used by IBM Security Network Protection. Vulnerability Details CVE-ID: CVE-2014-3505 Description: OpenSSL is vulnerable to a denial of service, caused by a double-free error when handling DTLS packets. A remote...
Security Bulletin: IBM Tealeaf Customer Experience is affected by a vulnerability in OpenSSL (CVE-2014-3511, CVE-2014-3512)
Summary IBM Tealeaf Customer Experience is affected by a vulnerability in OpenSSL that could cause a protocol downgrade attack or a buffer overrun attack. Vulnerability Details CVEID: CVE-2014-3511 DESCRIPTION: OpenSSL could allow a remote attacker to bypass security restrictions, caused by the...
pfSense < 2.1.5 Multiple Vulnerabilities ( SA-14_14 )
According to its self-reported version number, the remote pfSense install is a version prior to 2.1.5 It is, therefore, affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid108516; scriptversion"1.4";...
RHEL 6 : rhevm-spice-client (RHSA-2015:0197)
Updated rhevm-spice-client packages that fix two security issues and several bugs are now available for Red Hat Enterprise Virtualization Manager 3. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Apache Tomcat 7.0.x < 7.0.57 Multiple Vulnerabilities (POODLE)
According to its self-reported version number, the Apache Tomcat service listening on the remote host is 7.0.x prior to 7.0.57. It is, therefore, affected by the following vulnerabilities : - A memory double-free error exists in 'd1both.c' related to handling DTLS packets that allows denial of...
RHEL 6 : rhev-hypervisor6 (RHSA-2015:0126)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2015:0126 advisory. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization...
Oracle Solaris Third-Party Patch Update : openssl (cve_2014_3508_information_disclosure)
The remote Solaris system is missing necessary patches to address security updates : - The OBJobj2txt function in crypto/objects/objdat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters,...
Fedora Update for mingw-openssl FEDORA-2014-17576
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for mingw-openssl FEDORA-2014-17587
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...