Lucene search
+L

89 matches found

nessus
nessus
added 2015/01/09 12:0 a.m.36 views

FreeBSD : OpenSSL -- multiple vulnerabilities (4e536c14-9791-11e4-977d-d050992ecde8) (FREAK)

OpenSSL project reports : DTLS segmentation fault in dtls1getrecord CVE-2014-3571 DTLS memory leak in dtls1bufferrecord CVE-2015-0206 no-ssl3 configuration sets method to NULL CVE-2014-3569 ECDHE silently downgrades to ECDH Client CVE-2014-3572 RSA silently downgrades to EXPORTRSA Client...

5CVSS7.4AI score0.98685EPSS
Exploits0References10
osv
osv
added 2015/01/08 12:0 a.m.13 views

UBUNTU-CVE-2014-3572

The ssl3getkeyexchange function in s3clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message...

5CVSS6.7AI score0.06574EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2015/01/08 12:0 a.m.45 views

CVE-2014-3572

The ssl3getkeyexchange function in s3clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message...

5CVSS6.8AI score0.06574EPSS
Exploits0References2
openssl
openssl
added 2015/01/05 12:0 a.m.75 views

Vulnerability in OpenSSL - ECDHE silently downgrades to ECDH [Client]

An OpenSSL client will accept a handshake using an ephemeral ECDH ciphersuite using an ECDSA certificate if the server key exchange message is omitted. This effectively removes forward secrecy from the ciphersuite. Found by Karthikeyan Bhargavan of the PROSECCO team at INRIA...

5.9AI score0.06574EPSS
Exploits0Affected Software1
kitploit
kitploit
added 2013/12/31 4:51 p.m.14 views

[Beast-Check] SSL/TLS BEAST Vulnerability Check

A small perl script that checks a target server whether it is prone to BEAST vulnerability via target preferred cipher. It assumes no workaround i.e. EMPTY FRAGMENT applied in target server. Some sources said this workaround was disabled by default for compatibility reasons. This may be the reaso...

7AI score
Exploits0
prion
prion
added 2012/01/27 12:55 a.m.29 views

Authentication flaw

crypto/bn/bnnist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves, which allows...

5.8CVSS6.8AI score0.04044EPSS
Exploits0References8Affected Software1
cve
cve
added 2012/01/27 12:0 a.m.92 views

CVE-2011-4354

OpenSSL vulnerability CVE-2011-4354 affects OpenSSL before 0.9.8h on 32-bit platforms, in the ECDH/ECDHE handshake with P-256 and P-384 curves, due to an incorrect modular reduction algorithm in bn_nist.c. This design flaw allows remote attackers to obtain the TLS server private key after multipl...

5.8CVSS6.3AI score0.04044EPSS
Exploits0References8Affected Software1
debiancve
debiancve
added 2012/01/27 12:0 a.m.42 views

CVE-2011-4354

crypto/bn/bnnist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves, which allows...

5.8CVSS6.2AI score0.04044EPSS
Exploits0
osv
osv
added 2011/09/13 12:0 a.m.20 views

DSA-2309-1 openssl - compromised certificate authority

Bulletin has no description...

2.6CVSS7.2AI score0.0343EPSS
Exploits1
Rows per page
Query Builder