357 matches found
Vulnerability in OpenSSL - OpenSSL TLS protocol downgrade attack
A flaw in the OpenSSL SSL/TLS server code causes the server to negotiate TLS 1.0 instead of higher protocol versions when the ClientHello message is badly fragmented. This allows a man-in-the-middle attacker to force a downgrade to TLS 1.0 even if both the server and the client support a higher...
AIX OpenSSL Advisory : openssl_advisory2.asc
The version of OpenSSL running on the remote host is affected by the following vulnerabilities : - ssl/t1lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service crash, and possibly obtain sensitive information in applications that use...
ESXi 5.0 < Build 912577 Multiple Vulnerabilities (remote check)
The remote VMware ESXi 5.0 host is affected by Multiple Vulnerabilities : - An integer overflow condition exists in the tzfileread function in the glibc library. An unauthenticated, remote attacker can exploit this, via a crafted timezone TZ file, to cause a denial of service or the execution of...
[SET v5.2] The Social-Engineer Toolkit "Urban Camping"
The Social-Engineer Toolkit SET version 5.2 codename “Urban Camping” has been released. This version adds a complete rewrite of the PowerShell injection techniques within SET and incorporates an automatic process downgrade attack detailed here:...
DEBIAN-CVE-2013-1654
Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet Enterprise 2.7.x before 2.7.2, does not properly negotiate the SSL protocol between client and master, which allows remote attackers to conduct SSLv2 downgrade attacks against SSLv3 sessions via unspecified vectors...
CVE-2013-1654
CVE-2013-1654 affects Puppet 2.7.x prior to 2.7.21, Puppet 3.1.x prior to 3.1.1, and Puppet Enterprise 2.7.x prior to 2.7.2. The issue arises from how SSL protocol negotiation occurs between client and master, enabling remote attackers to perform SSLv2 downgrade attacks against SSLv3 sessions via...
Design/Logic Flaw
Adobe Shockwave Player through 11.6.8.638 allows remote attackers to trigger installation of a Shockwave Player 10.4.0.025 compatibility feature via a crafted HTML document that references Shockwave content with a certain compatibility parameter, related to a "downgrading" attack...
Windows NetLM Downgrade Attack
This module changes the system LmCompatibilityLevel registry value to enable sending LM challenge hashes and initiates a SMB connection to the host specified in the SMBHOST module option. If an SMB server is listening, it will receive the NetLM hashes for the session user. This module requires...
Ubuntu Update for openssl vulnerabilities USN-1029-1
Ubuntu Update for Linux kernel vulnerabilities USN-1029-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10291.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for openssl vulnerabilities USN-1029-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...
RHEL 4 : openssl (RHSA-2010:0977)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0977 advisory. - openssl: NETSCAPEREUSECIPHERCHANGEBUG downgrade-to-disabled ciphersuite attack CVE-2008-7270 - openssl: missing bnwexpand return value...
RHEL 6 : openssl (RHSA-2010:0979)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2010:0979 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols, as well as a full-strength,...
openssl: NETSCAPE_REUSE_CIPHER_CHANGE_BUG ciphersuite downgrade attack
OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSLOPNETSCAPEREUSECIPHERCHANGEBUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network...
OpenSSL 1.0.0 < 1.0.0c Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 1.0.0c. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.0c advisory. - OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allo...
CVE-2010-4180
OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSLOPNETSCAPEREUSECIPHERCHANGEBUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network...
CVE-2010-4180
OpenSSL vulnerability CVE-2010-4180 affects OpenSSL versions before 0.9.8q and 1.0.x before 1.0.0c when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled. The flaw allows remote attackers to modify the ciphersuite in the session cache, enabling a downgrade to an unintended cipher by sniffing net...
openssl mitm downgrade attack
The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to u...
openssl mitm downgrade attack
The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to u...