Lucene search
K

14 matches found

OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.42 views

Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2019-1980)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.4AI score0.98685EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/03 4:23 a.m.31 views

Security Bulletin:GSKit vulnerable to FREAK - GSKit Ephemeral RSA Vulnerability

Summary GSKit with accept an Ephemeral RSA Key for non export CipherSuites in SSLV3.0 and TLS 1.0 Vulnerability Details CVE ID: CVE-2014-8730 DESCRIPTION: The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3...

4.3CVSS1.2AI score0.99999EPSS
Exploits7Affected Software1
RedHat Linux
RedHat Linux
added 2016/08/22 6:7 p.m.4 views

openssl: only allow ephemeral RSA keys in export ciphersuites (FREAK)

It was discovered that OpenSSL would accept ephemeral RSA keys when using non-export RSA cipher suites. A malicious server could make a TLS/SSL client using OpenSSL use a weaker key exchange method...

4.3CVSS6.7AI score0.98685EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2015/06/11 1:21 p.m.10 views

JDK: ephemeral RSA keys accepted for non-export SSL/TLS cipher suites (FREAK)

GSKit in IBM Tivoli Directory Server ITDS 6.0 before 6.0.0.73-ISS-ITDS-IF0073, 6.1 before 6.1.0.66-ISS-ITDS-IF0066, 6.2 before 6.2.0.42-ISS-ITDS-IF0042, and 6.3 before 6.3.0.35-ISS-ITDS-IF0035 and IBM Security Directory Server ISDS 6.3.1 before 6.3.1.9-ISS-ISDS-IF0009 does not properly restrict T...

4.3CVSS6.8AI score0.03239EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/05/20 7:5 p.m.6 views

JDK: ephemeral RSA keys accepted for non-export SSL/TLS cipher suites (FREAK)

GSKit in IBM Tivoli Directory Server ITDS 6.0 before 6.0.0.73-ISS-ITDS-IF0073, 6.1 before 6.1.0.66-ISS-ITDS-IF0066, 6.2 before 6.2.0.42-ISS-ITDS-IF0042, and 6.3 before 6.3.0.35-ISS-ITDS-IF0035 and IBM Security Directory Server ISDS 6.3.1 before 6.3.1.9-ISS-ISDS-IF0009 does not properly restrict T...

4.3CVSS6.8AI score0.03239EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/05/20 6:36 p.m.2 views

JDK: ephemeral RSA keys accepted for non-export SSL/TLS cipher suites (FREAK)

GSKit in IBM Tivoli Directory Server ITDS 6.0 before 6.0.0.73-ISS-ITDS-IF0073, 6.1 before 6.1.0.66-ISS-ITDS-IF0066, 6.2 before 6.2.0.42-ISS-ITDS-IF0042, and 6.3 before 6.3.0.35-ISS-ITDS-IF0035 and IBM Security Directory Server ISDS 6.3.1 before 6.3.1.9-ISS-ISDS-IF0009 does not properly restrict T...

4.3CVSS6.8AI score0.03239EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/05/13 1:36 p.m.3 views

openssl: only allow ephemeral RSA keys in export ciphersuites (FREAK)

It was discovered that OpenSSL would accept ephemeral RSA keys when using non-export RSA cipher suites. A malicious server could make a TLS/SSL client using OpenSSL use a weaker key exchange method...

4.3CVSS7AI score0.98685EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2015/05/13 1:33 p.m.8 views

JDK: ephemeral RSA keys accepted for non-export SSL/TLS cipher suites (FREAK)

GSKit in IBM Tivoli Directory Server ITDS 6.0 before 6.0.0.73-ISS-ITDS-IF0073, 6.1 before 6.1.0.66-ISS-ITDS-IF0066, 6.2 before 6.2.0.42-ISS-ITDS-IF0042, and 6.3 before 6.3.0.35-ISS-ITDS-IF0035 and IBM Security Directory Server ISDS 6.3.1 before 6.3.1.9-ISS-ISDS-IF0009 does not properly restrict T...

4.3CVSS6.8AI score0.03239EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/04/16 3:39 p.m.6 views

openssl: only allow ephemeral RSA keys in export ciphersuites (FREAK)

It was discovered that OpenSSL would accept ephemeral RSA keys when using non-export RSA cipher suites. A malicious server could make a TLS/SSL client using OpenSSL use a weaker key exchange method...

4.3CVSS6.7AI score0.98685EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2015/04/13 11:54 a.m.4 views

openssl: only allow ephemeral RSA keys in export ciphersuites (FREAK)

It was discovered that OpenSSL would accept ephemeral RSA keys when using non-export RSA cipher suites. A malicious server could make a TLS/SSL client using OpenSSL use a weaker key exchange method...

4.3CVSS6.7AI score0.98685EPSS
Exploits0References6
OSV
OSV
added 2015/02/04 12:44 p.m.10 views

SUSE-SU-2015:0305-1 Security update for compat-openssl098

The openssl 0.9.8j compatibility package was updated to fix several security vulnerabilities: CVE-2014-3570: Bignum squaring BNsqr may produce incorrect results on some platforms, including x8664. CVE-2014-3571: Fix crash in dtls1getrecord whilst in the listen state where you get two separate rea...

7.4CVSS6.3AI score0.98685EPSS
Exploits9References15
RedHat Linux
RedHat Linux
added 2015/01/21 9:28 p.m.4 views

openssl: only allow ephemeral RSA keys in export ciphersuites (FREAK)

It was discovered that OpenSSL would accept ephemeral RSA keys when using non-export RSA cipher suites. A malicious server could make a TLS/SSL client using OpenSSL use a weaker key exchange method...

4.3CVSS7AI score0.98685EPSS
Exploits0References6
Debian
Debian
added 2015/01/11 1:16 p.m.70 views

[SECURITY] [DLA 132-1] openssl security update

Package : openssl Version : 0.9.8o-4squeeze19 CVE ID : CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues:...

5CVSS7AI score0.98685EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2015/01/08 12:0 a.m.105 views

CVE-2015-0204

The ssl3getkeyexchange function in s3clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORTRSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to...

4.3CVSS7AI score0.98685EPSS
Exploits0References2
Rows per page
Query Builder