Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/13 12:0 a.m.9 views

Siemens SCALANCE X-200RNA Switch Devices Cryptographic Issues (CVE-2015-0285)

The ssl3clienthello function in s3clnt.c in OpenSSL 1.0.2 before 1.0.2a does not ensure that the PRNG is seeded before proceeding with a handshake, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and then conducting a brute-force...

4.3CVSS6.8AI score0.05745EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/28 1:48 a.m.72 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM SAN b-type Switches

Summary OpenSSL issues from March 2015 containing 12 CVE were disclosed. This bulletin addresses the vulnerabilities that have been referred to as Open SSL used by IBM SAN b-type Switches. Vulnerability Details CVEID: CVE-2015-0291 DESCRIPTION: OpenSSL is vulnerable to a denial of service. By...

7.5CVSS8.3AI score0.44503EPSS
Exploits1Affected Software7
SUSE CVE
SUSE CVE
added 2023/02/15 5:23 a.m.1 views

SUSE CVE-2015-0285

The ssl3clienthello function in s3clnt.c in OpenSSL 1.0.2 before 1.0.2a does not ensure that the PRNG is seeded before proceeding with a handshake, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and then conducting a brute-force...

4.3CVSS6.8AI score0.05745EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/11 3:7 p.m.75 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Cisco MDS Switches and Directors.

Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL Project. OpenSSL is used by IBM Cisco Switches and Directors has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-0291 DESCRIPTION: OpenSSL is vulnerable to a denial of service. By connecting to a...

7.5CVSS8.3AI score0.44503EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/15 6:4 p.m.91 views

Security Bulletin: Vulnerabilities in OpenSSL including ClientHello DoS affect Multiple N series Products

Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL Project. This includes OpenSSL ClientHello sigalgs DoS CVE-2015-0291. OpenSSL is used by Multiple N series Products. Multiple N series Products have addressed the applicable CVEs. Vulnerability Details CVEID:...

7.5CVSS1.2AI score0.44503EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/05 12:9 a.m.48 views

Security Bulletin: Vulnerabilities in OpenSSL affects Rational Application Developer for WebSphere Software

Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL Project. OpenSSL is used by the Cordova platform packaged with Rational Application Developer for WebSphere Software and has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-0207 DESCRIPTION: OpenS...

7.5CVSS0.9AI score0.44503EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/18 2:26 p.m.43 views

Security Bulletin: IBM i is affected by several OpenSSL vulnerabilities.

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM i. IBM i has addressed the applicable CVEs provided by OpenSSL Vulnerability Details CVEID: CVE-2015-0207 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an implementation error in t...

7.5CVSS8.2AI score0.44503EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 2:25 a.m.79 views

Security Bulletin: Vulnerabilities in OpenSSL affect MegaRAID Storage Manager

Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL Project. OpenSSL is used by MegaRAID Storage Manager. MegaRAID Storage Manager has addressed the applicable CVEs. Vulnerability Details Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL...

7.5CVSS1AI score0.44503EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/06/04 12:0 a.m.122 views

Splunk Enterprise 5.0.x < 5.0.13 / 6.0.x < 6.0.9 / 6.1.x < 6.1.8 OpenSSL Vulnerabilities (FREAK)

According to its version number, the Splunk Enterprise hosted on the remote web server is 5.0.x prior to 5.0.13, 6.0.x prior to 6.0.9, or 6.1.x prior to 6.1.4. It is, therefore, affected by the following vulnerabilities related to the included OpenSSL library : - A security feature bypass...

7.5CVSS7.8AI score0.98685EPSS
Exploits1References17
ArchLinux
ArchLinux
added 2015/03/19 12:0 a.m.54 views

openssl: multiple issues

CVE-2015-1787 denial of service If client auth is used then a server can segfault in the event of a DHE ciphersuite being selected and a zero length ClientKeyExchange message being sent by the client. This could be exploited in a DoS attack. - CVE-2015-0207 denial of service The DTLSv1listen...

6.8CVSS1.6AI score0.33482EPSS
Exploits0References14
CVE
CVE
added 2015/03/19 12:0 a.m.123 views

CVE-2015-0285

CVE-2015-0285: OpenSSL could seed PRNG insecurely in ssl3_client_hello, enabling weaker handshake security. IBM advisories for DataPower, Rational, and SAN/BladeCenter products list mitigations via updates to fixed OpenSSL versions (e.g., IBM DataPower fixes 6.0.x+/7.0.x+; IBM i/Data ONTAP notes)...

4.3CVSS5.8AI score0.05745EPSS
Exploits0References18Affected Software1
Rows per page
Query Builder