Lucene search
+L

197 matches found

Tenable Nessus
Tenable Nessus
added 2016/03/14 12:0 a.m.35 views

openSUSE Security Update : openssl (openSUSE-2016-327) (DROWN)

This update for compat-openssl098 fixes various security issues and bugs : Security issues fixed : - CVE-2016-0800 aka the 'DROWN' attack bsc968046: OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher...

10CVSS7.7AI score0.82112EPSS
Exploits2References15
myhack58
myhack58
added 2016/03/12 12:0 a.m.12 views

OpenSSL CVE-2 0 1 6-0 8 0 0 and CVE-2 0 1 6-0 7 0 3 bug fixes the details of pick-up fun-vulnerability warning-the black bar safety net

Details 3 6 0 including a portion of the information security practice of course, the“3 6 0 Information Security Department”progressively adhering to best security practices in the https and other ssl fields gradually made significant changes. Such as important system to prohibit unsafe cipher...

Exploits0
OpenVAS
OpenVAS
added 2016/03/12 12:0 a.m.41 views

openSUSE: Security Advisory for openssl (openSUSE-SU-2016:0720-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.4AI score0.82112EPSS
Exploits2References1
OPENSUSE Linux
OPENSUSE Linux
added 2016/03/11 2:14 p.m.73 views

Security update for openssl (important)

This update for compat-openssl098 fixes various security issues and bugs: Security issues fixed: - CVE-2016-0800 aka the "DROWN" attack bsc968046: OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher...

10CVSS2.1AI score0.82112EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2016/03/11 12:0 a.m.47 views

Amazon Linux AMI : openssl (ALAS-2016-661) (DROWN) (SLOTH)

A padding oracle flaw was found in the Secure Sockets Layer version 2.0 SSLv2 protocol. An attacker can potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack is...

10CVSS8.5AI score0.82112EPSS
Exploits2References9
FreeBSD Advisory
FreeBSD Advisory
added 2016/03/10 12:0 a.m.46 views

FreeBSD-SA-16:12.openssl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-16:12.openssl Security Advisory The FreeBSD Project Topic: Multiple OpenSSL vulnerabilities Category: contrib Module: openssl Announced: 2016-03-10 Credits:...

10CVSS7.2AI score0.82112EPSS
Exploits2
FreeBSD
FreeBSD
added 2016/03/10 12:0 a.m.73 views

FreeBSD -- Multiple OpenSSL vulnerabilities

Problem Description: A cross-protocol attack was discovered that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenbacher RSA padding oracle. Note that traffic between clients and non-vulnerable servers can be decrypted provided...

10CVSS8.3AI score0.82112EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2016/03/10 12:0 a.m.53 views

Scientific Linux Security Update : openssl098e on SL6.x, SL7.x i386/x86_64 (20160309) (DROWN)

A padding oracle flaw was found in the Secure Sockets Layer version 2.0 SSLv2 protocol. An attacker can potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack is...

5.9CVSS7AI score0.82112EPSS
Exploits2References6
OpenVAS
OpenVAS
added 2016/03/10 12:0 a.m.47 views

CentOS Update for openssl098e CESA-2016:0372 centos7

Check the version of openssl098e SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882412";...

5.9CVSS6.4AI score0.21247EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2016/03/10 12:0 a.m.38 views

RedHat Update for openssl098e RHSA-2016:0372-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS7.7AI score0.82112EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2016/03/10 12:0 a.m.53 views

CentOS Update for openssl098e CESA-2016:0372 centos6

Check the version of openssl098e SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882414";...

5.9CVSS6.4AI score0.21247EPSS
Exploits2References2
ThreatPost
ThreatPost
added 2016/03/09 3:56 p.m.13 views

DROWN Vulnerability Remains 'High' Risk, Firms Say

Despite the rush to patch systems at risk to the massive transport layer security TLS vulnerability, known as DROWN, hundreds of cloud services are still at risk of attack. According to two independent research firms, Netskope and Skyhigh Networks, a week after the vulnerability was identified...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2016/03/09 2:10 p.m.80 views

Important: Red Hat Security Advisory: rhev-hypervisor security, bug fix and enhancement update

An updated rhev-hypervisor package that fixes several security issues, bugs, and enhancements is now available. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

10CVSS7.2AI score0.82112EPSS
Exploits2References10
RedHat Linux
RedHat Linux
added 2016/03/09 2:10 p.m.6 views

SSL/TLS: Cross-protocol attack on TLS using SSLv2 (DROWN)

A padding oracle flaw was found in the Secure Sockets Layer version 2.0 SSLv2 protocol. An attacker could potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack ...

5.9CVSS6.8AI score0.82112EPSS
Exploits2References7
Cent OS
Cent OS
added 2016/03/09 5:32 a.m.117 views

openssl098e security update

CentOS Errata and Security Advisory CESA-2016:0372 Updated openssl098e packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS ba...

5.9CVSS7AI score0.82112EPSS
Exploits2References7
RedHat Linux
RedHat Linux
added 2016/03/09 4:8 a.m.76 views

Important: Red Hat Security Advisory: openssl098e security update

Updated openssl098e packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, ar...

5.9CVSS7AI score0.82112EPSS
Exploits2References10
RedHat Linux
RedHat Linux
added 2016/03/09 4:8 a.m.5 views

SSL/TLS: Cross-protocol attack on TLS using SSLv2 (DROWN)

A padding oracle flaw was found in the Secure Sockets Layer version 2.0 SSLv2 protocol. An attacker could potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack ...

5.9CVSS6.8AI score0.82112EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2016/03/09 12:0 a.m.107 views

RHEL 6 / 7 : openssl098e (RHSA-2016:0372)

The remote Redhat Enterprise Linux 6 / 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2016:0372 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols, as well as a...

5.9CVSS7.2AI score0.82112EPSS
Exploits2References16
Tenable Nessus
Tenable Nessus
added 2016/03/09 12:0 a.m.285 views

CentOS 6 / 7 : openssl098e (CESA-2016:0372) (DROWN)

Updated openssl098e packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, ar...

5.9CVSS7.1AI score0.82112EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2016/03/08 12:0 a.m.47 views

Debian Security Advisory DSA 3500-1 (openssl - security update)

Several vulnerabilities were discovered in OpenSSL, a Secure Socket Layer toolkit. CVE-2016-0702 Yuval Yarom from the University of Adelaide and NICTA, Daniel Genkin from Technion and Tel Aviv University, and Nadia Heninger from the University of Pennsylvania discovered a side-channel attack whic...

10CVSS0.7AI score0.82112EPSS
Exploits2References1
Rows per page
Query Builder