TLS: MITM attacks via session renegotiation

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services IIS 7.0, modssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services NSS 3.12.4 and earlier, multiple Cis...

Firefox不安全协议地址栏欺骗漏洞

BUGTRAQ ID: 37367 CVE ID: CVE-2009-3984 Firefox是一款流行的开源WEB浏览器。 通过http:或file:等不安全协议所加载的页面将其document.location设置为响应204状态和空响应体的https: URL。不安全的网页接受地址栏边的SSL指示符，但没有对页面进行任何修改，这可能导致用户在访问不安全网页的时候误以为正在访问安全的网页。 Mozilla Firefox 3.5.x Mozilla Firefox 3.0.x Mozilla SeaMonkey 2.0 厂商补丁： Debian ------...

Mozilla SSL spoofing with document.location and empty SSL response page

Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to spoof an SSL indicator for an http URL or a file URL by setting document.location to an https URL corresponding to a site that responds with a No Content aka 204 status code and an empty...

Design/Logic Flaw

login/indexform.html in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 links to an index page on the HTTP port even when the page is served from an HTTPS port, which might cause login credentials to be sent in cleartext, even when SSL is intended, and allows remote attackers to obtain these...

CVE-2009-4302

login/indexform.html in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 links to an index page on the HTTP port even when the page is served from an HTTPS port, which might cause login credentials to be sent in cleartext, even when SSL is intended, and allows remote attackers to obtain these...

CVE-2009-4302

login/indexform.html in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 links to an index page on the HTTP port even when the page is served from an HTTPS port, which might cause login credentials to be sent in cleartext, even when SSL is intended, and allows remote attackers to obtain these...

CVE-2009-4302

login/indexform.html in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 links to an index page on the HTTP port even when the page is served from an HTTPS port, which might cause login credentials to be sent in cleartext, even when SSL is intended, and allows remote attackers to obtain these...

CVE-2009-4302

The CVE-2009-4302 issue affects Moodle: login/index_form.html in Moodle 1.8 (before 1.8.11) and 1.9 (before 1.9.7) links to an HTTP page even when served over HTTPS, which can cause credentials to be transmitted in cleartext. This is a remote vulnerability allowing credential sniffing. Supported ...

Location bar spoofing vulnerabilities — Mozilla

Security researcher Jonathan Morgan reported that when a page loaded over an insecure protocol, such as http: or file:, sets its document.location to a https: URL which responds with a 204 status and empty response body, the insecure page will receive SSL indicators near the location bar, but wil...

MDVA-2009:249 : mdkonline

This update fixes several issues regarding the live upgrade to a more recent distribution, notably: - new distributions are now only presented after all updates were applied. - if current distribution is no more supported, we will warn about it and offer to upgrade to a newer release - makes the...

MDVA-2009:251 : mdkonline

This update fixes several issues regarding the live upgrade to a more recent distribution, notably: - new distributions are now only presented after all updates were applied. - if current distribution is no more supported, we will about it and offer to upgrade to a newer release It also fix a...

FreeBSD Security Advisory (FreeBSD-SA-09:15.ssl.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:15.ssl.asc SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

FreeBSD Security Advisory (FreeBSD-SA-09:15.ssl.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:15.ssl.asc ADV FreeBSD-SA-09:15.ssl.asc OpenVAS Vulnerability Test $ Description: Auto generated from ADV FreeBSD-SA-09:15.ssl.asc Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

TLS / SSLv3 vulnerability explained (New ways to leverage the vulnerability)

Dear List, I updated the whitepaper with a lot of new information, some leveraging the vulnerability in other ways that certainly increase the effectiveness and impact of this vulnerability. A brief warning to those that think they are safe because they don't accept client-side renegotiations...

SuSE Security Advisory SUSE-SA:2009:057 (openssl)

The remote host is missing updates announced in advisory SUSE-SA:2009:057. OpenVAS Vulnerability Test $Id: susesa2009057.nasl 6668 2017-07-11 13:34:29Z cfischer $ Description: Auto-generated from advisory SUSE-SA:2009:057 openssl Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

openSUSE Security Update : libopenssl-devel (libopenssl-devel-1554)

The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's modssl was vulnerable to this kind of...

SuSE 11.2 Security Update: libopenssl-devel (2009-11-13)

The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's modssl was vulnerable to this kind of...

openSUSE Security Update : libopenssl-devel (libopenssl-devel-1554)

The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's modssl was vulnerable to this kind of...

openSUSE Security Update : compat-openssl097g (compat-openssl097g-1548)

The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's modssl was vulnerable to this kind of...

Novell eDirectory 8.8 SP5 iConsole Buffer Overflow

!/usr/bin/python Novell eDirectory 8.8 SP5 iConsole BOF Vulnerability found by Hellcode Labs, Original POC http://downloads.securityfocus.com/vulnerabilities/exploits/36815.pl Exploit coded by Matteo Memelli | ryujin A-T offensive-security.com www.offensive-security.com Spaghetti & Pwnsauce -...