6 matches found
K16903: Microsoft Schannel vulnerability CVE-2015-1637
Security Advisory Description Schannel aka Secure Channel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict TLS state...
Lexmark Printer config.html Administrator Authentication Bypass (FREAK)
According to its firmware version, the remote Lexmark printer is affected by a security feature bypass vulnerability, known as FREAK Factoring attack on RSA-EXPORT Keys, due to the support of weak EXPORTRSA cipher suites with keys less than or equal to 512 bits. A man-in-the-middle attacker may b...
CVE-2015-1637
CVE-2015-1637 is listed in OpenSSL TLS Export Cipher Suite Downgrade advisories (FREAK family). IBM AIX/OpenSSL references indicate OpenSSL on AIX platforms is affected by export-RSA downgrade threats and provides fixes via interim patches (IV69033s9a/b/c) for openssl.base 1.0.1.513 on AIX 5.3/6....
Microsoft: All Windows versions Vulnerable to FREAK Vulnerability
Recently discovered FREAK vulnerability that apparently went undetected for more than a decade is reportedly affecting all supported versions of Microsoft Windows, making the flaw more creepy than what we thought. FREAK vulnerability is a disastrous SSL/TLS flaw disclosed Monday that allows an...
Microsoft Schannel Vulnerable to FREAK
Microsoft today issued an advisory warning Windows users that Secure Channel, or Schannel, the Windows implementation of SSL/TLS, is vulnerable to the FREAK attack. Disclosed this week, FREAK CVE-2015-1637 is the latest big Internet bug. It affects a number of SSL clients, including OpenSSL, and...
MS KB3046015: Vulnerability in Schannel Could Allow Security Feature Bypass (FREAK)
The remote Windows host is affected by a security feature bypass vulnerability, known as FREAK Factoring attack on RSA-EXPORT Keys, due to the support of weak EXPORTRSA cipher suites with keys less than or equal to 512 bits. A man-in-the-middle attacker may be able to downgrade the SSL/TLS...