Lucene search
+L

357 matches found

RedHat Linux
RedHat Linux
added 2015/07/22 7:33 p.m.12 views

LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks

A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange for both export and non-export grade cipher suites. An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lea...

4.3CVSS6.6AI score0.9986EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2015/07/15 12:37 p.m.6 views

LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks

A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange for both export and non-export grade cipher suites. An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lea...

4.3CVSS6.6AI score0.9986EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2015/07/13 12:0 a.m.46 views

Ubuntu 14.04 LTS : NSS vulnerabilities (USN-2672-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2672-1 advisory. Karthikeyan Bhargavan discovered that NSS incorrectly handled state transitions for the TLS state machine. If a remote attacker were able to perform a...

4.3CVSS7.5AI score0.03594EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2015/07/10 12:0 a.m.39 views

Ubuntu: Security Advisory (USN-2672-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5AI score0.03594EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2015/07/09 5:32 p.m.76 views

USN-2672-1: NSS vulnerabilities

Karthikeyan Bhargavan discovered that NSS incorrectly handled state transitions for the TLS state machine. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to skip the ServerKeyExchange message and remove the forward-secrecy property...

4.3CVSS7.4AI score0.03594EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2015/07/07 12:0 a.m.11 views

TLS DHE_EXPORT Information Disclosure (MS15-055; CVE-2015-1716; CVE-2015-4000)

An information disclosure vulnerability exists in multiple implementations of TLS 1.2 and earlier, when Ephemeral Diffie-Hellman cipher suites including their EXPORT versions are used. It is possible to downgrade a DHE cipher to a DHEEXPORT cipher, which can be broken, and thereby perform a...

5CVSS1.8AI score0.9986EPSS
Exploits1
Mozilla
Mozilla
added 2015/07/02 12:0 a.m.84 views

NSS accepts export-length DHE keys with regular DHE cipher suites — Mozilla

Security researcher Matthew Green reported a Diffie–Hellman DHE key processing issue in Network Security Services NSS where a man-in-the-middle MITM attacker can force a server to downgrade TLS connections to 512-bit export-grade cryptography by modifying client requests to include only...

4.3CVSS5.3AI score0.9986EPSS
Exploits1References4Affected Software5
Tenable Nessus
Tenable Nessus
added 2015/06/22 12:0 a.m.57 views

OpenSSL 1.0.1 < 1.0.1n / 1.0.2 < 1.0.2b Multiple Vulnerabilities (Logjam)

Binary data 8790.prm...

7.5CVSS6.8AI score0.9986EPSS
Exploits1References9
Ubuntu
Ubuntu
added 2015/06/11 6:7 p.m.101 views

USN-2639-1: OpenSSL vulnerabilities

Praveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered that OpenSSL incorrectly handled memory when buffering DTLS data. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2014-8176 Joseph...

7.5CVSS7.1AI score0.74483EPSS
Exploits1
Cent OS
Cent OS
added 2015/06/04 7:47 p.m.483 views

openssl security update

CentOS Errata and Security Advisory CESA-2015:1072 Updated openssl packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score,...

4.3CVSS6AI score0.9986EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2015/06/04 5:49 p.m.5 views

LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks

A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange for both export and non-export grade cipher suites. An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lea...

4.3CVSS6.6AI score0.9986EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2015/06/03 8:59 p.m.24 views

CVE-2014-9721

libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header...

4.3CVSS7.2AI score0.02529EPSS
Exploits0References4
OSV
OSV
added 2015/06/03 8:59 p.m.2 views

DEBIAN-CVE-2014-9721

libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header...

4.3CVSS6.9AI score0.02529EPSS
Exploits0References1
Prion
Prion
added 2015/06/03 8:59 p.m.18 views

Design/Logic Flaw

libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header...

4.3CVSS7.1AI score0.02529EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2015/06/03 8:59 p.m.11 views

UBUNTU-CVE-2014-9721

libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header...

4.3CVSS7.3AI score0.02529EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2015/06/03 8:0 p.m.35 views

CVE-2014-9721

libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header...

4.3CVSS5.9AI score0.02529EPSS
Exploits0
CVE
CVE
added 2015/06/03 8:0 p.m.79 views

CVE-2014-9721

CVE-2014-9721 affects libzmq (ZeroMQ core library). Affected versions are libzmq before 4.0.6 and 4.1.x before 4.1.1, where a remote attacker can trigger downgrade attacks to bypass the ZMTP v3 protocol security by sending a ZMTP v2 or earlier header. The issue is due to improper handling of olde...

4.3CVSS6.5AI score0.02529EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/06/02 12:0 a.m.29 views

Fedora 22 : zeromq-4.0.5-3.fc22 (2015-8635)

Cherry-pick a fix for the protocol downgrade attack CVE-2014-9721 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

4.3CVSS8.2AI score0.02529EPSS
Exploits0References3
OSV
OSV
added 2015/05/21 12:59 a.m.9 views

CVE-2015-4000

The TLS protocol 1.2 and earlier, when a DHEEXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHEEXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHEEXPORT and then...

3.7CVSS6.1AI score0.9986EPSS
Exploits7References274
RedHat Linux
RedHat Linux
added 2015/05/20 6:36 p.m.4 views

JDK: ephemeral RSA keys accepted for non-export SSL/TLS cipher suites (FREAK)

GSKit in IBM Tivoli Directory Server ITDS 6.0 before 6.0.0.73-ISS-ITDS-IF0073, 6.1 before 6.1.0.66-ISS-ITDS-IF0066, 6.2 before 6.2.0.42-ISS-ITDS-IF0042, and 6.3 before 6.3.0.35-ISS-ITDS-IF0035 and IBM Security Directory Server ISDS 6.3.1 before 6.3.1.9-ISS-ISDS-IF0009 does not properly restrict T...

4.3CVSS6.8AI score0.03239EPSS
Exploits0References4
Rows per page
Query Builder