Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2014/11/26 12:0 a.m.29 views

openSUSE Security Update : zeromq (openSUSE-SU-2014:1493-1)

zeromq was updated to version 4.0.5 to fix two security issues and various other bugs. These security issues were fixed : - Did not validate the other party's security handshake properly, allowing a man-in-the-middle downgrade attack CVE-2014-7202. - Did not implement a uniqueness check on...

4.3CVSS8.2AI score0.02015EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/11/11 12:0 a.m.30 views

openSUSE Security Update : zeromq (openSUSE-SU-2014:1381-1)

This udpate for zeromq fixes the following non-security and security-issues: Update to version 4.0.4, for a detailed description see /usr/share/doc/packages/zeromq-devel/NEWS - Add libsodium dep for testsuite where possible - Version bump to 4.0.5 fixes bnc898917 CVE-2014-7202 and CVE-2014-7203 :...

4.3CVSS8.2AI score0.02015EPSS
Exploits0References4
ArchLinux
ArchLinux
added 2014/10/15 12:0 a.m.38 views

zeromq: Man-in-the-middle downgrade and replay attack

CVE-2014-7202 downgrade attack A bug in streamengine.cpp allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request. - CVE-2014-7203 replay attack libzmq did not ensure that nonces are unique, which allows man-in-the-middle attackers to conduct replay attacks...

4.3CVSS6.1AI score0.02015EPSS
Exploits0References6
OSV
OSV
added 2014/10/08 7:55 p.m.5 views

CVE-2014-7203

libzmq aka ZeroMQ/C++ 4.0.x before 4.0.5 does not ensure that nonces are unique, which allows man-in-the-middle attackers to conduct replay attacks via unspecified vectors...

9.2AI score
Exploits0References9
CVE
CVE
added 2014/10/08 7:0 p.m.48 views

CVE-2014-7203

libzmq (ZeroMQ/C++) 4.0.x before 4.0.5 exposes a replay vulnerability (CVE-2014-7203) because nonces are not guaranteed unique, enabling man-in-the-middle replay attacks via unspecified vectors. The issue is fixed in libzmq 4.0.5 (e.g., openSUSE/SUSE updates reference CVE-2014-7203 and CVE-2014-7...

4.3CVSS6.4AI score0.019EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder