Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/13 12:0 a.m.8 views

Siemens SCALANCE X-200RNA Switch Devices Improper Input Validation (CVE-2015-1787)

The ssl3getclientkeyexchange function in s3srvr.c in OpenSSL 1.0.2 before 1.0.2a, when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, allows remote attackers to cause a denial of service daemon crash via a ClientKeyExchange message with a length of zero. This plugi...

2.6CVSS6.8AI score0.07352EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/14 2:32 p.m.32 views

Security Bulletin: Vulnerabilities in OpenSSL affect QLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module for BladeCenter

Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL Project. OpenSSL is used by QLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module for BladeCenter. QLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module for BladeCenter have addressed the applicable...

7.5CVSS8.2AI score0.44503EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 2:25 a.m.26 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Flex System FC5022 16Gb SAN and EN4023 10Gb Scalable Switches

Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL Project. IBM Flex System FC5022 16Gb SAN and EN4023 10Gb Scalable Switches use OpenSSL and have addressed the applicable CVEs. Vulnerability Details Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by...

7.5CVSS0.9AI score0.44503EPSS
Exploits1Affected Software2
Prion
Prion
added 2015/08/20 10:59 a.m.26 views

Authentication flaw

EMC RSA BSAFE Micro Edition Suite MES 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier, when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, allow remote attackers to cause a denial of service daemon crash via a ClientKeyExchange messa...

4.3CVSS6.9AI score0.07352EPSS
Exploits1References2Affected Software2
Check Point Advisories
Check Point Advisories
added 2015/05/13 12:0 a.m.6 views

OpenSSL DHE Client Key Exchange Denial of Service (CVE-2015-1787)

A denial of service vulnerability exists in OpenSSL. The vulnerability is due to a null pointer dereference that occurs when an OpenSSL application receives and processes a Client Certificate and a crafted Client Key Exchange handshake message.A remote, unauthenticated attacker can exploit this...

2.6CVSS2.1AI score0.07352EPSS
Exploits0
CVE
CVE
added 2015/03/19 12:0 a.m.120 views

CVE-2015-1787

CVE-2015-1787 affects OpenSSL 1.0.2 before 1.0.2a, where the ssl3_get_client_key_exchange path (s3_srvr.c) can be triggered by a ClientKeyExchange message with zero length when client authentication and an ephemeral DH ciphersuite are enabled, causing a denial of service (daemon crash). Public ad...

2.6CVSS6.1AI score0.07352EPSS
Exploits0References17Affected Software1
ArchLinux
ArchLinux
added 2015/03/19 12:0 a.m.58 views

lib32-openssl: multiple issues

CVE-2015-1787 denial of service If client auth is used then a server can segfault in the event of a DHE ciphersuite being selected and a zero length ClientKeyExchange message being sent by the client. This could be exploited in a DoS attack. - CVE-2015-0207 denial of service The DTLSv1listen...

6.8CVSS1.6AI score0.33482EPSS
Exploits0References14
ArchLinux
ArchLinux
added 2015/03/19 12:0 a.m.55 views

openssl: multiple issues

CVE-2015-1787 denial of service If client auth is used then a server can segfault in the event of a DHE ciphersuite being selected and a zero length ClientKeyExchange message being sent by the client. This could be exploited in a DoS attack. - CVE-2015-0207 denial of service The DTLSv1listen...

6.8CVSS1.6AI score0.33482EPSS
Exploits0References14
Rows per page
Query Builder