Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2014/11/26 12:0 a.m.29 views

openSUSE Security Update : zeromq (openSUSE-SU-2014:1493-1)

zeromq was updated to version 4.0.5 to fix two security issues and various other bugs. These security issues were fixed : - Did not validate the other party's security handshake properly, allowing a man-in-the-middle downgrade attack CVE-2014-7202. - Did not implement a uniqueness check on...

4.3CVSS8.2AI score0.02015EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/11/11 12:0 a.m.30 views

openSUSE Security Update : zeromq (openSUSE-SU-2014:1381-1)

This udpate for zeromq fixes the following non-security and security-issues: Update to version 4.0.4, for a detailed description see /usr/share/doc/packages/zeromq-devel/NEWS - Add libsodium dep for testsuite where possible - Version bump to 4.0.5 fixes bnc898917 CVE-2014-7202 and CVE-2014-7203 :...

4.3CVSS8.2AI score0.02015EPSS
Exploits0References4
ArchLinux
ArchLinux
added 2014/10/15 12:0 a.m.38 views

zeromq: Man-in-the-middle downgrade and replay attack

CVE-2014-7202 downgrade attack A bug in streamengine.cpp allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request. - CVE-2014-7203 replay attack libzmq did not ensure that nonces are unique, which allows man-in-the-middle attackers to conduct replay attacks...

4.3CVSS6.1AI score0.02015EPSS
Exploits0References6
OSV
OSV
added 2014/10/08 7:55 p.m.8 views

CVE-2014-7202

streamengine.cpp in libzmq aka ZeroMQ/C++ 4.0.5 before 4.0.5 allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request...

9.1AI score
Exploits0References9
CVE
CVE
added 2014/10/08 7:0 p.m.50 views

CVE-2014-7202

CVE-2014-7202 affects libzmq (ZeroMQ/C++) 4.0.5 prior to 4.0.5, where stream_engine.cpp enables man‑in‑the‑middle downgrade attacks via a crafted connection request. Root cause is in the stream_engine handling; impact is MITM downgrade vulnerability. Remediation: upgrade to version 4.0.5 (or late...

4.3CVSS6.3AI score0.02015EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2014/10/08 7:0 p.m.22 views

CVE-2014-7202

streamengine.cpp in libzmq aka ZeroMQ/C++ 4.0.5 before 4.0.5 allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request...

4.3CVSS4.9AI score0.02015EPSS
Exploits0
Cvelist
Cvelist
added 2014/10/08 7:0 p.m.27 views

CVE-2014-7202

streamengine.cpp in libzmq aka ZeroMQ/C++ 4.0.5 before 4.0.5 allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request...

6.2AI score0.02015EPSS
Exploits0References9
Rows per page
Query Builder