402 matches found
RHCOS 2 : node.js (RHSA-2015:1545)
The remote Red Hat Enterprise Linux CoreOS 2 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2015:1545 advisory. - SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack CVE-2014-3566 Note that Nessus has not tested for this issue but has instead...
RHCOS 2 : node.js (RHSA-2015:1546)
The remote Red Hat Enterprise Linux CoreOS 2 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2015:1546 advisory. - SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack CVE-2014-3566 Note that Nessus has not tested for this issue but has instead...
EUVD-2015-4104
Malware in sbrugna...
EUVD-2015-3680
Malware in sbrugna...
EUVD-2014-8562
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2014-3566
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle...
crypticaldevelopment.com Cross Site Scripting vulnerability OBB-3934792
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
RHEL 6 : puppet (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - puppet: incorrect URL decoding CVE-2016-2785 - The default vhost configuration file in Puppet before 3.6....
Security Bulletin: Vulnerability in SSLv3 affects IBM BladeCenter Advanced Management Module (CVE-2014-3566)
Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. Vulnerability Details Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack...
Security Bulletin: Vulnerability in NSS affects SAN Volume Controller and Storwize Family (CVE-2014-3566)
Summary There is a security vulnerability in NSS that is used by SAN Volume Controller and Storwize Family. Vulnerability Details CVE-ID : CVE-2014-3566 DESCRIPTION : Description: Multiple products could allow a remote attacker to obtain sensitive information, caused by a design error when using...
Security Bulletin: Vulnerability in SSLv3 affects TS2900 (CVE-2014-3566)
Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in TS2900. Vulnerability Details CVE-ID : CVE-2014-3566 DESCRIPTION : Product could allow a remote attacker to obtain sensitive information, cause...
Security Bulletin: Vulnerability in SSLv3 affects TS3100/TS3200 (CVE-2014-3566)
Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in TS3100/TS3200. Vulnerability Details CVE-ID : CVE-2014-3566 DESCRIPTION : Product could allow a remote attacker to obtain sensitive information...
Security Bulletin: Vulnerability in SSLv3 affects TS3100/TS3200 (CVE-2014-3566)
Summary Security Bulletin: Vulnerability in SSLv3 affects TS3100/TS3200 CVE-2014-3566 Vulnerability Details Security Bulletin --- Summary --- SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in...
Debian: Security Advisory (DLA-400-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-282-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerability in SSLv3 affects IBM SAN b-type switches and directors (CVE-2014-3566)
Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM SAN b-type switches and directors. Vulnerability Details CVE-ID : CVE-2014-3566 DESCRIPTION : Product could allow a remote attacker to obta...
Security Bulletin: IBM SAN b-type switch SSLv3 POODLE Attack - CVE-2014-3566
Summary IBM SAN b-type Switch products could allow a remote attacker to obtain sensitive information, caused by a design error when using the SSLv3 protocol. Vulnerability Details CVE: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to obtain sensitive information, caused by a...
Security Bulletin: Four (4) Vulnerabilities in OpenSSL affect IBM FlashSystem (and TMS RAMSAN) 710, 720, 810, and 820 systems ( CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, and CVE-2014-3568)
Summary OpenSSL is a toolkit that implements the Secure Sockets Layer SSL, Transport Layer Security TLS, and Datagram Transport Layer Security DTLS protocols which is used by IBM FlashSystem and TMS RAMSAN 710, 720, 810, and 820 systems. OpenSSL had a vulnerability which allowed forceful downgrad...
Security Bulletin: Vulnerabilities in Network Security Services (NSS) affect IBM FlashSystem 840 and IBM FlashSystem V840, -AE1 models, (CVE-2014-3566)
Summary Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. NSS is used by FlashSystem 840. FlashSystem 840 has addressed the applicable CVE. Vulnerability Details CVE-ID: CVE-2014-3566...
Security Bulletin: Four (4) Vulnerabilities in OpenSSL affect IBM FlashSystem 840 and V840 systems ( CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, and CVE-2014-3568)
Summary OpenSSL is a toolkit that implements the Secure Sockets Layer SSL, Transport Layer Security TLS, and Datagram Transport Layer Security DTLS protocols which is used by IBM FlashSystem 840 and V840 systems. OpenSSL had a vulnerability which allowed forceful downgrade of the communication to...