2512 matches found
openssl mitm downgrade attack
The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to u...
DEBIAN-CVE-2005-2969
The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to u...
CVE-2005-2969
The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to u...
Mozilla Thunderbird / Mozilla weak authentication downgrade
If SMTP authentication with CRAM-MD5 or TLS hadshake fails mail agent downgrades to plain text authentication, allowing active man-in-the-middle attacks...
openssl mitm downgrade attack
The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to u...
CVE-2001-1444
The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and Kerberos V Heimdal, does not encrypt authentication and encryption options sent from the server, which allows remote attackers to downgrade authentication and encryption mechanisms via a man-in-the-middle attack...
CVE-2001-1444
The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and Kerberos V Heimdal, does not encrypt authentication and encryption options sent from the server, which allows remote attackers to downgrade authentication and encryption mechanisms via a man-in-the-middle attack...
Fw: [net-com] Bug in Mirc v5.82
----- Original Message ----- From: Trax [email protected] To: opers-xnet [email protected] Cc: net-com-xnet [email protected] Sent: Sunday, April 22, 2001 1:40 PM Subject: net-com Bug in Mirc v5.82 There is a bug in mirc v5.82 that allows remote control of clients via /quote and /ctcp not the ctcp...
Raptor 6.5 http vulnerability
Problem Description The Raptor firewall is vulnerability for forwarding http request on other port numbers than 80, if a rule allows http traffic. Redirect rules does not affect this problem. When an extern or internal client, configures itself to use the nearest interface as proxy, it's...
PT-2009-6750 · Openssl +3 · Openssl +4
Name of the Vulnerable Software and Affected Versions: OpenSSL versions prior to 0.9.8q OpenSSL versions 1.0.x prior to 1.0.0c openssl-devel-0.9.7a openssl-0.9.7a compat-openssl097g compat-openssl097g-32bit openssl prior to version 1.0.0e Description: The issue involves multiple vulnerabilities i...
CVE-2026-48747: Mailomat Mailer Webhook Parser Reads the HMAC Algorithm from the Request: Signature Algorithm Downgrade
More info at https://symfony.com/cve-2026-48747...
CVE-2026-48747: Mailomat Mailer Webhook Parser Reads the HMAC Algorithm from the Request: Signature Algorithm Downgrade
More info at https://symfony.com/cve-2026-48747...