Lucene search

2808 matches found

Hacker One
added 2017/04/25 4:58 a.m. · 17 views

Weblate: demo.weblate.org is vulnerable to SWEET32 Vulnerability

Cryptographic protocols like TLS, SSH, IPsec, and OpenVPN commonly use block cipher algorithms, such as AES, Triple-DES, and Blowfish, to encrypt data between clients and servers. To use such algorithms, the data is broken into fixed-length chunks, called blocks, and each block is encrypted...

AI score: 2.3
Exploits: 0

Tenable Nessus
added 2017/04/25 12:00 a.m. · 30 views

Cisco ASA Software IPsec Packet Handling DoS (cisco-sa-20170419-asa-ipsec)

According to its self-reported version and configuration, the Cisco Adaptive Security Appliance ASA software running on the remote device is affected by a denial of service vulnerability in the IPsec code due to improper parsing of malformed IPsec packets. An authenticated, remote attacker can...

CVSS: 7.7 · AI score: 7.4 · EPSS: 0.02842
Exploits: 0 · References: 3

NVD
added 2017/04/20 10:59 p.m. · 16 views

CVE-2017-6609

A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets ...

CVSS: 7.7 · AI score: 7.6 · EPSS: 0.02842
Exploits: 0 · References: 3

Prion
added 2017/04/20 10:59 p.m. · 27 views

Design/Logic Flaw

A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets ...

CVSS: 6.8 · AI score: 7.5 · EPSS: 0.02842
Exploits: 0 · References: 3 · Affected Software: 1

Cvelist
added 2017/04/20 10:00 p.m. · 22 views

CVE-2017-6609

A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets ...

AI score: 7.6 · EPSS: 0.02842
Exploits: 0 · References: 3

CVE
added 2017/04/20 10:00 p.m. · 68 views

CVE-2017-6609

CVE-2017-6609 affects Cisco ASA Software IPsec handling. The vulnerability stems from improper parsing of malformed IPsec packets in the IPsec code, requiring an authenticated, remote attacker to establish a valid IPsec tunnel and send crafted traffic to the affected system. Exploitation can caus...

CVSS: 7.7 · AI score: 7.6 · EPSS: 0.02842
Exploits: 0 · References: 3 · Affected Software: 1

OpenVAS
added 2017/04/20 12:00 a.m. · 26 views

Cisco ASA Software IPsec Denial of Service Vulnerability (cisco-sa-20170419-asa-ipsec)

A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. Copyright (C) 2017 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right...

CVSS: 7.7 · AI score: 7.6 · EPSS: 0.02842
Exploits: 0 · References: 1

Cisco
added 2017/04/19 4:00 p.m. · 33 views

Cisco ASA Software IPsec Denial of Service Vulnerability

A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets ...

CVSS: 7.7 · AI score: 7.6 · EPSS: 0.02842
Exploits: 0 · References: 1

Positive Technologies
added 2017/04/19 12:00 a.m. · 5 views

PT-2017-17180 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco ASA Software versions prior to 9.17.8; Cisco ASA Software versions prior to 9.24.15; Cisco ASA Software versions prior to 9.44; Cisco ASA Software versions prior to 9.53.2; Cisco ASA Software versions prior to 9.62. Description: A...

CVSS: 7.7 · AI score: 7.4 · EPSS: 0.02842
Exploits: 0 · References: 5

Microsoft CVE
added 2017/04/11 7:00 a.m. · 23 views

Windows IPSec Denial of Service Vulnerability

A denial of service vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate...

CVSS: 5.8 · AI score: 3.5 · EPSS: 0.04727
Exploits: 0

Tenable Nessus
added 2017/03/20 12:00 a.m. · 90 views

SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2017:0720-1)

This update for java-1_7_1-ibm fixes the following issues: Security issue fixed: CVE-2016-2183: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for...

CVSS: 7.5 · AI score: 7 · EPSS: 0.95707
Exploits: 7 · References: 4

Tenable Nessus
added 2017/03/20 12:00 a.m. · 52 views

SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2017:0719-1)

This update for java-1_7_1-ibm fixes the following issues: Security issue fixed: CVE-2016-2183: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for...

CVSS: 7.5 · AI score: 7 · EPSS: 0.95707
Exploits: 7 · References: 4

NVD
added 2017/02/27 7:59 a.m. · 18 views

CVE-2017-6297

The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does not enable IPsec encryption after a reboot, which allows man-in-the-middle attackers to view transmitted data unencrypted and gain access to networks on the L2TP server by monitoring the packets for the transmitted data and...

CVSS: 5.9 · AI score: 5.7 · EPSS: 0.00743
Exploits: 1 · References: 2

Prion
added 2017/02/27 7:59 a.m. · 12 views

Code injection

The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does not enable IPsec encryption after a reboot, which allows man-in-the-middle attackers to view transmitted data unencrypted and gain access to networks on the L2TP server by monitoring the packets for the transmitted data and...

CVSS: 4.3 · AI score: 5.7 · EPSS: 0.00743
Exploits: 1 · References: 2 · Affected Software: 1

CVE
added 2017/02/27 7:25 a.m. · 67 views

CVE-2017-6297

The CVE-2017-6297 entry concerns MikroTik RouterOS L2TP Client in versions 6.83.3 and 6.37.4. The vulnerability arises because IPsec encryption is not enabled after a reboot, enabling man-in-the-middle attackers to view unencrypted data and potentially access networks on the L2TP server by monito...

CVSS: 5.9 · AI score: 5.6 · EPSS: 0.00743
Exploits: 1 · References: 2 · Affected Software: 1

Prion
added 2017/02/08 4:59 p.m. · 20 views

Information disclosure

The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows attackers to gain unauthorized read access to data handled by the device via IPSec/TLS decryption...

CVSS: 4.3 · AI score: 6.9 · EPSS: 0.01423
Exploits: 0 · References: 2 · Affected Software: 1

NVD
added 2017/02/08 4:59 p.m. · 20 views

CVE-2016-8492

The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows attackers to gain unauthorized read access to data handled by the device via IPSec/TLS decryption...

CVSS: 5.9 · AI score: 5.7 · EPSS: 0.01423
Exploits: 0 · References: 2

Cvelist
added 2017/02/08 4:00 p.m. · 22 views

CVE-2016-8492

The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows attackers to gain unauthorized read access to data handled by the device via IPSec/TLS decryption...

AI score: 5.6 · EPSS: 0.01423
Exploits: 0 · References: 2

Vulnrichment
added 2017/02/08 4:00 p.m. · 9 views

CVE-2016-8492

The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows attackers to gain unauthorized read access to data handled by the device via IPSec/TLS decryption...

AI score: 7.1 · EPSS: 0.01423
Exploits: 0 · References: 2

CVE
added 2017/02/08 4:00 p.m. · 62 views

CVE-2016-8492

CVE-2016-8492 describes an information-disclosure vulnerability in Fortinet FortiGate/FortiOS where the ANSI X9.31 RNG is used in long‑lived security channels (IPSec/TLS), potentially allowing unauthorized read access to data. Connected sources confirm this relates to DUHK-style weaknesses in RNG...

CVSS: 5.9 · AI score: 5.6 · EPSS: 0.01423
Exploits: 0 · References: 2 · Affected Software: 1