14 matches found
Security Bulletin: GPFS V3.5 for Windows is affected by OpenSSL vulnerabilities (CVE-2014-3512, CVE-2014-3509, CVE-2014-3506, CVE-2014-3507, CVE-2014-3511, CVE-2014-3505, CVE-2014-3510, CVE-2014-3508, CVE-2014-5139)
Summary Security vulnerabilities have been identified in the level of OpenSSL that is currently shipped with GPFS V3.5.0.11, or later, on Windows. The current level of OpenSSL could allow a remote attacker to : - Cause a denial of service CVE-2014-3512, CVE-2014-3509, CVE-2014-3506, CVE-2014-3507...
Security Bulletin: Multiple vulnerabilities in OpenSSL affect Upward Integration Modules (UIM) (CVE-2014-3508, CVE-2014-5139, CVE-2014-3509, CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3510, CVE-2014-3511, CVE-2014-3512)
Summary There are multiple vulnerabilities in OpenSSL that is used by Upward Integration Modules UIM. These issues were disclosed on August 6, 2014 by the OpenSSL Project. Vulnerability Details Summary There are multiple vulnerabilities in OpenSSL that is used by Upward Integration Modules UIM...
Security Bulletin: Multiple Vulnerabilities in Current Release of IBM® SDK for Node.js™
Summary Multiple vulnerabilities in OpenSSL disclosed on August 6, 2014 by the OpenSSL Project, plus a vulnerability in the V8 JavaScript engine Vulnerability Details CVE-ID: CVE-2014-3512 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an internal buffer overrun. A remote...
Security Bulletin: IBM Tealeaf Customer Experience is affected by a vulnerability in OpenSSL (CVE-2014-3511, CVE-2014-3512)
Summary IBM Tealeaf Customer Experience is affected by a vulnerability in OpenSSL that could cause a protocol downgrade attack or a buffer overrun attack. Vulnerability Details CVEID: CVE-2014-3511 DESCRIPTION: OpenSSL could allow a remote attacker to bypass security restrictions, caused by the...
pfSense < 2.1.5 Multiple Vulnerabilities ( SA-14_14 )
According to its self-reported version number, the remote pfSense install is a version prior to 2.1.5 It is, therefore, affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid108516; scriptversion"1.4";...
Apache Tomcat 7.0.x < 7.0.57 Multiple Vulnerabilities (POODLE)
According to its self-reported version number, the Apache Tomcat service listening on the remote host is 7.0.x prior to 7.0.57. It is, therefore, affected by the following vulnerabilities : - A memory double-free error exists in 'd1both.c' related to handling DTLS packets that allows denial of...
Security fix for the ALT Linux 7 package openssl10 version 1.0.1j-alt0.M70P.1
1.0.1j-alt0.M70P.1 built Oct. 31, 2014 Gleb Fotengauer-Malinovskiy in task 133718 Oct. 31, 2014 Gleb Fotengauer-Malinovskiy - Backported to p7 branch security: CVE-2014-3512, CVE-2014-3511, CVE-2014-3510, CVE-2014-3507, CVE-2014-3506, CVE-2014-3505, CVE-2014-3509, CVE-2014-5139, CVE-2014-3508,...
Security fix for the ALT Linux 7 package openssl10 version 1.0.1j-alt1
Oct. 30, 2014 Gleb Fotengauer-Malinovskiy 1.0.1j-alt1 - Updated to 1.0.1j fixes CVE-2014-3512, CVE-2014-3511, CVE-2014-3510, CVE-2014-3507, CVE-2014-3506, CVE-2014-3505, CVE-2014-3509, CVE-2014-5139, CVE-2014-3508, CVE-2014-3513, CVE-2014-3567, CVE-2014-3566, CVE-2014-3568. - Updated patches from...
Security fix for the ALT Linux 9 package openssl1.1 version 1.0.1j-alt1
Oct. 30, 2014 Gleb Fotengauer-Malinovskiy 1.0.1j-alt1 - Updated to 1.0.1j fixes CVE-2014-3512, CVE-2014-3511, CVE-2014-3510, CVE-2014-3507, CVE-2014-3506, CVE-2014-3505, CVE-2014-3509, CVE-2014-5139, CVE-2014-3508, CVE-2014-3513, CVE-2014-3567, CVE-2014-3566, CVE-2014-3568. - Updated patches from...
Security fix for the ALT Linux 8 package openssl10 version 1.0.1j-alt1
Oct. 30, 2014 Gleb Fotengauer-Malinovskiy 1.0.1j-alt1 - Updated to 1.0.1j fixes CVE-2014-3512, CVE-2014-3511, CVE-2014-3510, CVE-2014-3507, CVE-2014-3506, CVE-2014-3505, CVE-2014-3509, CVE-2014-5139, CVE-2014-3508, CVE-2014-3513, CVE-2014-3567, CVE-2014-3566, CVE-2014-3568. - Updated patches from...
Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10649)
According to its self-reported version number, the remote Junos device is affected by multiple vulnerabilities in the implementation of OpenSSL : - An error exists related to 'ec point format extension' handling and multithreaded clients that allows freed memory to be overwritten during a resumed...
CVE-2014-3512
Multiple buffer overflows in crypto/srp/srplib.c in the SRP implementation in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via an invalid SRP 1 g, 2 A, or 3 B parameter...
CVE-2014-3512
Multiple buffer overflows in crypto/srp/srplib.c in the SRP implementation in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via an invalid SRP 1 g, 2 A, or 3 B parameter...
[SECURITY] [DSA 2998-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2998-1 [email protected] http://www.debian.org/security/ Raphael Geissert August 07, 2014 http://www.debian.org/security/faq -...