16 matches found
Mageia: Security Advisory (MGASA-2014-0325)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: GPFS V3.5 for Windows is affected by OpenSSL vulnerabilities (CVE-2014-3512, CVE-2014-3509, CVE-2014-3506, CVE-2014-3507, CVE-2014-3511, CVE-2014-3505, CVE-2014-3510, CVE-2014-3508, CVE-2014-5139)
Summary Security vulnerabilities have been identified in the level of OpenSSL that is currently shipped with GPFS V3.5.0.11, or later, on Windows. The current level of OpenSSL could allow a remote attacker to : - Cause a denial of service CVE-2014-3512, CVE-2014-3509, CVE-2014-3506, CVE-2014-3507...
Security Bulletin: Multiple vulnerabilities in OpenSSL affect Rational ClearCase (CVE-2014-5139, CVE-2014-3509, CVE-2014-3511)
Summary There are multiple vulnerabilities in OpenSSL that is used by affect Rational ClearCase. These issues were disclosed on August 6, 2014 by the OpenSSL Project. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this li...
Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Worklight (CVE-2014-3509, CVE-2014-5139)
Summary There are multiple vulnerabilities in OpenSSL that is used by the optional FIPS 140-2 data-in-motion feature in IBM Worklight. These issues were disclosed on August 6, 2014 by the OpenSSL Project. Vulnerability Details CVE-ID: CVE-2014-3509 DESCRIPTION: OpenSSL is vulnerable to a denial o...
pfSense < 2.1.5 Multiple Vulnerabilities ( SA-14_14 )
According to its self-reported version number, the remote pfSense install is a version prior to 2.1.5 It is, therefore, affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid108516; scriptversion"1.4";...
Apache Tomcat 7.0.x < 7.0.57 Multiple Vulnerabilities (POODLE)
According to its self-reported version number, the Apache Tomcat service listening on the remote host is 7.0.x prior to 7.0.57. It is, therefore, affected by the following vulnerabilities : - A memory double-free error exists in 'd1both.c' related to handling DTLS packets that allows denial of...
Security fix for the ALT Linux 7 package openssl10 version 1.0.1j-alt0.M70P.1
1.0.1j-alt0.M70P.1 built Oct. 31, 2014 Gleb Fotengauer-Malinovskiy in task 133718 Oct. 31, 2014 Gleb Fotengauer-Malinovskiy - Backported to p7 branch security: CVE-2014-3512, CVE-2014-3511, CVE-2014-3510, CVE-2014-3507, CVE-2014-3506, CVE-2014-3505, CVE-2014-3509, CVE-2014-5139, CVE-2014-3508,...
Security fix for the ALT Linux 9 package openssl1.1 version 1.0.1j-alt1
Oct. 30, 2014 Gleb Fotengauer-Malinovskiy 1.0.1j-alt1 - Updated to 1.0.1j fixes CVE-2014-3512, CVE-2014-3511, CVE-2014-3510, CVE-2014-3507, CVE-2014-3506, CVE-2014-3505, CVE-2014-3509, CVE-2014-5139, CVE-2014-3508, CVE-2014-3513, CVE-2014-3567, CVE-2014-3566, CVE-2014-3568. - Updated patches from...
Security fix for the ALT Linux 7 package openssl10 version 1.0.1j-alt1
Oct. 30, 2014 Gleb Fotengauer-Malinovskiy 1.0.1j-alt1 - Updated to 1.0.1j fixes CVE-2014-3512, CVE-2014-3511, CVE-2014-3510, CVE-2014-3507, CVE-2014-3506, CVE-2014-3505, CVE-2014-3509, CVE-2014-5139, CVE-2014-3508, CVE-2014-3513, CVE-2014-3567, CVE-2014-3566, CVE-2014-3568. - Updated patches from...
Security fix for the ALT Linux 8 package openssl10 version 1.0.1j-alt1
Oct. 30, 2014 Gleb Fotengauer-Malinovskiy 1.0.1j-alt1 - Updated to 1.0.1j fixes CVE-2014-3512, CVE-2014-3511, CVE-2014-3510, CVE-2014-3507, CVE-2014-3506, CVE-2014-3505, CVE-2014-3509, CVE-2014-5139, CVE-2014-3508, CVE-2014-3513, CVE-2014-3567, CVE-2014-3566, CVE-2014-3568. - Updated patches from...
Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10649)
According to its self-reported version number, the remote Junos device is affected by multiple vulnerabilities in the implementation of OpenSSL : - An error exists related to 'ec point format extension' handling and multithreaded clients that allows freed memory to be overwritten during a resumed...
CVE-2014-5139
OpenSSL CVE-2014-5139: The ssl_set_client_disabled function in t1_lib.c of OpenSSL 1.0.1 before 1.0.1i allows a remote attacker to cause a denial of service (NULL pointer dereference and client crash) via a ServerHello containing an SRP ciphersuite not properly negotiated with the client. Affecte...
CVE-2014-5139
The sslsetclientdisabled function in t1lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service NULL pointer dereference and client application crash via a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite...
[SECURITY] [DSA 2998-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2998-1 [email protected] http://www.debian.org/security/ Raphael Geissert August 07, 2014 http://www.debian.org/security/faq -...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-5139. Reason: This candidate is a duplicate of CVE-2014-5139, and has also been used to refer to an unrelated topic that is currently outside the scope of CVE. This unrelated topic is a LibreSSL code change adding functionali...
CVE-2014-2970
CVE-2014-2970 is rejected/not used and does not represent an active vulnerability entry.