Lucene search
K

2811 matches found

CVE
CVE
added 2016/10/31 9:0 p.m.43 views

CVE-2016-8203

CVE-2016-8203 describes a memory corruption in the IPsec code path of Brocade NetIron OS (Brocade MLXs) affecting 5.8.00–5.8.00e, 5.9.00–5.9.00bd, 6.0.00 and 6.0.00a images. Exploitation via crafted IPsec control packets could cause a denial of service (line card reset). OpenVAS advisory/Brocade ...

7.8CVSS7.7AI score0.01844EPSS
Exploits0References3Affected Software1
Broadcom
Broadcom
added 2016/10/03 12:0 a.m.8 views

BSA-2016-168

Security Advisory ID : BSA-2016-168 Component : NetIron Revision : 2.0: Final A memory corruption in the IPsec code path of BrocadeNetIronOS on Brocade MLXs 5.8.00 through 5.8.00e, 5.9.00 through 5.9.00bd, 6.0.00 and 6.0.00a images could allow attackers to cause a denial of service line card rese...

7.8CVSS7.1AI score0.01844EPSS
Exploits0
ThreatPost
ThreatPost
added 2016/09/23 3:47 p.m.89 views

OpenSSL Patches High-Severity OCSP Bug, Mitigates SWEET32 Attack

A vulnerability in the OpenSSL implementation of the Online Certificate Status Protocol OCSP was patched this week, closing a denial-of-service weakness in affected servers. The patch was the most severe of 14 released yesterday by OpenSSL. OCSP is an alternative in many cases to Certificate...

7.8CVSS0.7AI score0.95707EPSS
Exploits8References3
Microsoft CVE
Microsoft CVE
added 2016/09/13 7:0 a.m.29 views

Windows IPSec Denial of Service Vulnerability

A denial of service vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate...

7.8CVSS3.5AI score0.12195EPSS
Exploits1
Prion
Prion
added 2016/09/01 12:59 a.m.44 views

Design/Logic Flaw

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted...

5CVSS9.2AI score0.95707EPSS
Exploits7References135Affected Software9
ATTACKERKB
ATTACKERKB
added 2016/09/01 12:59 a.m.370 views

CVE-2016-2183

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted...

7.5CVSS6.8AI score0.95707EPSS
In wildExploits7References155
NVD
NVD
added 2016/09/01 12:59 a.m.30 views

CVE-2016-2183

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted...

7.5CVSS6.3AI score0.95707EPSS
Exploits7References137
OSV
OSV
added 2016/09/01 12:59 a.m.45 views

CVE-2016-2183

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted...

7.5CVSS2.3AI score0.95707EPSS
Exploits7References137
Cvelist
Cvelist
added 2016/09/01 12:0 a.m.45 views

CVE-2016-2183

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted...

6.6AI score0.95707EPSS
Exploits7References135
AlpineLinux
AlpineLinux
added 2016/09/01 12:0 a.m.73 views

CVE-2016-2183

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted...

7.5CVSS6.9AI score0.95707EPSS
Exploits7
CVE
CVE
added 2016/09/01 12:0 a.m.2069 views

CVE-2016-2183

The CVE-2016-2183 (Sweet32) issue stems from the DES/3DES ciphers used in TLS/SSL, allowing a birthday attack to recover plaintext from long, encrypted sessions. Public advisories and vendor notes show OpenSSL-based stacks (and products relying on it) were affected, with mitigations including de-...

7.5CVSS6.5AI score0.95707EPSS
In wildExploits7References137Affected Software4
OSV
OSV
added 2016/09/01 12:0 a.m.8 views

PSF-2016-4 Sweet32 attack (DES, 3DES)

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted...

7.5CVSS7.4AI score0.95707EPSS
Exploits7References3
UbuntuCve
UbuntuCve
added 2016/08/31 12:0 a.m.92 views

CVE-2016-2183

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted...

7.5CVSS6.8AI score0.95707EPSS
Exploits7References24
Broadcom
Broadcom
added 2016/08/31 12:0 a.m.28 views

BSA-2016-134

Security Advisory ID : BSA-2016-134 Component : Crypto Revision : 2.0: Final The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to...

7.5CVSS6.8AI score0.95707EPSS
Exploits7
NVD
NVD
added 2016/08/19 9:59 p.m.21 views

CVE-2016-5736

The default configuration of the IPsec IKE peer listener in F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before...

7.5CVSS7.5AI score0.02267EPSS
Exploits0References2
Prion
Prion
added 2016/08/19 9:59 p.m.23 views

Default configuration

The default configuration of the IPsec IKE peer listener in F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before...

5CVSS7.2AI score0.02267EPSS
Exploits0References2Affected Software15
Cvelist
Cvelist
added 2016/08/19 9:0 p.m.28 views

CVE-2016-5736

The default configuration of the IPsec IKE peer listener in F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before...

7.5AI score0.02267EPSS
Exploits0References2
CVE
CVE
added 2016/08/19 9:0 p.m.68 views

CVE-2016-5736

CVE-2016-5736 concerns the default configuration of the IPsec IKE peer listener in multiple F5 BIG-IP products, where the anonymous IKE peer object is present and enabled. This allows a remote attacker to initiate IKE Phase 1 negotiations and potentially brute-force Phase 2 negotiations via unspe...

7.5CVSS7.4AI score0.02267EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2016/08/12 12:0 a.m.25 views

F5 BIG-IP - BIG-IP IPsec IKE peer listener vulnerability CVE-2016-5736

The anonymous IPsec IKE peer configuration object is present and enabled in the default configuration. The settings of the anonymous IPsec IKE peer object allow an arbitrary peer to establish IKE phase 1 without certificate validation or a pre-shared key which may expose phase 2 negotiations to a...

7.5CVSS7.3AI score0.02267EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/08/11 12:0 a.m.21 views

F5 Networks BIG-IP : BIG-IP IPsec IKE peer listener vulnerability (K10133477)

The anonymous IPsec IKE peer configuration object is present and enabled in the default configuration. The settings of the anonymous IPsec IKE peer object allow an arbitrary peer to establish IKE phase 1 without certificate validation or a pre-shared key which may expose phase 2 negotiations to a...

7.5CVSS7.2AI score0.02267EPSS
Exploits0References2
Rows per page
Query Builder