
2811 matches found

Cvelist
added 2017/02/08 4:0 p.m., 22 views

CVE-2016-8492

The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows attackers to gain unauthorized read access to data handled by the device via IPSec/TLS decryption...

5.6 AI score, 0.01423 EPSS
Exploits: 0, References: 2

Vulnrichment
added 2017/02/08 4:0 p.m., 9 views

CVE-2016-8492

The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows attackers to gain unauthorized read access to data handled by the device via IPSec/TLS decryption...

7.1 AI score, 0.01423 EPSS
Exploits: 0, References: 2

CVE
added 2017/02/08 4:0 p.m., 62 views

CVE-2016-8492

CVE-2016-8492 describes an information-disclosure vulnerability in Fortinet FortiGate/FortiOS where the ANSI X9.31 RNG is used in long‑lived security channels (IPSec/TLS), potentially allowing unauthorized read access to data. Connected sources confirm this relates to DUHK-style weaknesses in RNG...

5.9 CVSS, 5.6 AI score, 0.01423 EPSS
Exploits: 0, References: 2, Affected Software: 1

0day.today
added 2017/01/12 12:0 a.m., 50 views

Siemens SIMATIC CP 343-1 Advanced IKEv1 Cipher Suite Configuration Vulnerability

The SIMATIC CP 343-1 Advanced product allows configuration of the IKEv1 cipher suite configuration, which specifies the IKE and Encapsulating Security Payload (ESP) supported algorithms, with one cipher for each setting. It is evaluated that the configuration is not consistent with the supported...

6.9 AI score
Exploits: 0

Veracode
added 2017/01/09 2:6 a.m., 45 views

Information Disclosure

mcrypt is vulnerable to information exposure. The vulnerability exists because the TLS, SSH, and IPSec protocols are missing birthday bound validation, which allows a remote attacker to access confidential information in the system...

7.5 CVSS, 7.5 AI score, 0.95707 EPSS
Exploits: 7, References: 145, Affected Software: 5

Microsoft KB
added 2017/01/07 12:0 a.m., 15 views

MS15-120: Security update for IPsec to address denial of service: November 10, 2015

Summary: This security update resolves a denial of service vulnerability in Microsoft Windows. An attacker who successfully exploited the vulnerability could cause the system to become unresponsive. To exploit the...

6.2 AI score
Exploits: 0

FreeBSD
added 2016/12/02 12:0 a.m., 25 views

ipsec-tools -- remotely exploitable computational-complexity attack

Robert Foggia via NetBSD GNATS reports: The ipsec-tools racoon daemon contains a remotely exploitable computational complexity attack when parsing and storing isakmp fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly...

7.8 CVSS, 3.1 AI score, 0.02928 EPSS
Exploits: 0, References: 1

Tenable Nessus
added 2016/11/28 12:0 a.m., 31 views

CentOS 7 : libreswan (CESA-2016:2603)

An update for libreswan is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5 CVSS, 7.4 AI score, 0.02773 EPSS
Exploits: 0, References: 2

Cent OS
added 2016/11/25 3:59 p.m., 59 views

libreswan security update

CentOS Errata and Security Advisory CESA-2016:2603. An update for libreswan is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severit...

7.5 CVSS, 7.1 AI score, 0.02773 EPSS
Exploits: 0, References: 7

Fortinet
added 2016/11/22 12:0 a.m., 27 views

DUHK Attack against Fortinet Products

When devices use the ANSI X9.31 RNG (which was removed from the list of FIPS-approved random number generation algorithms in January 2016) to generate cryptographic keys under a static seed, and use it with long-lived security tunnels like SSL/TLS/SSH/IPSec, such devices are vulnerable to the DUHK...

4.3 CVSS, 2.2 AI score, 0.01423 EPSS
Exploits: 0

NVD
added 2016/11/19 3:3 a.m., 16 views

CVE-2016-6466

A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 Series routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service (DoS) condition. This vulnerability affects the...

7.5 CVSS, 7.5 AI score, 0.02585 EPSS
Exploits: 0, References: 3

Prion
added 2016/11/19 3:3 a.m., 13 views

Race condition

A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 Series routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service (DoS) condition. This vulnerability affects the...

5 CVSS, 7.2 AI score, 0.02585 EPSS
Exploits: 0, References: 3, Affected Software: 2

Cvelist
added 2016/11/19 2:45 a.m., 22 views

CVE-2016-6466

A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 Series routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service (DoS) condition. This vulnerability affects the...

7.5 AI score, 0.02585 EPSS
Exploits: 0, References: 3

CVE
added 2016/11/19 2:45 a.m., 43 views

CVE-2016-6466

CVE-2016-6466 affects Cisco ASR 5000/5500 Series routers and Cisco VPC, via the StarOS IPsec component (ipsecmgr). The issue arises from improper processing of IKE messages, allowing an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new ones, causing a DoS ...

7.5 CVSS, 7.4 AI score, 0.02585 EPSS
Exploits: 0, References: 3, Affected Software: 2

Cisco
added 2016/11/16 4:0 p.m., 36 views

Cisco ASR 5000 Series ipsecmgr Service Denial of Service Vulnerability

A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 Series routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service (DoS) condition. The vulnerability is due to...

5 CVSS, 7.5 AI score, 0.02585 EPSS
Exploits: 0, References: 1

Tenable Nessus
added 2016/11/04 12:0 a.m., 28 views

RHEL 7 : libreswan (RHSA-2016:2603)

An update for libreswan is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5 CVSS, 7.4 AI score, 0.02773 EPSS
Exploits: 0, References: 3

OpenVAS
added 2016/11/04 12:0 a.m., 19 views

RedHat Update for libreswan RHSA-2016:2603-02

The remote host is missing an update for the...

7.5 CVSS, 7.5 AI score, 0.02773 EPSS
Exploits: 0, References: 2

RedHat Linux
added 2016/11/03 8:13 a.m., 38 views

Moderate: Red Hat Security Advisory: libreswan security and bug fix update

An update for libreswan is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5 CVSS, 7.1 AI score, 0.02773 EPSS
Exploits: 0, References: 20

Prion
added 2016/10/31 9:59 p.m., 9 views

Memory corruption

A memory corruption in the IPsec code path of Brocade NetIron OS on Brocade MLXs 5.8.00 through 5.8.00e, 5.9.00 through 5.9.00bd, 6.0.00, and 6.0.00a images could allow attackers to cause a denial of service (line card reset) via certain constructed IPsec control packets...

7.8 CVSS, 7.4 AI score, 0.01844 EPSS
Exploits: 0, References: 3, Affected Software: 1

NVD
added 2016/10/31 9:59 p.m., 17 views

CVE-2016-8203

A memory corruption in the IPsec code path of Brocade NetIron OS on Brocade MLXs 5.8.00 through 5.8.00e, 5.9.00 through 5.9.00bd, 6.0.00, and 6.0.00a images could allow attackers to cause a denial of service (line card reset) via certain constructed IPsec control packets...

7.8 CVSS, 7.7 AI score, 0.01844 EPSS
Exploits: 0, References: 3