32 matches found
EUVD-2014-1766
Malware in sbrugna...
EUVD-2010-4446
Malware in sbrugna...
EUVD-2010-4225
Malware in sbrugna...
K15504: OpenSSH vulnerability CVE-2014-1692
Security Advisory Description The hashbuffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service memory corruption or have unspecifie...
K17382: OpenSSL vulnerability CVE-2010-4252
Security Advisory Description OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in ea...
K14317: OpenSSH J-PAKE vulnerability CVE-2010-4478
OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate. F5 products do not include J-PAKE in the OpenSSH programs a...
BSA-2017-246
Security Advisory ID : BSA-2017-246 Component : FOS Revision : 2.0: Final Thehashbufferfunction inschnorr.cinOpenSSHthrough 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of servic...
OpenSSH 'schnorr.c' Remote Memory Corruption Vulnerability
OpenSSH is prone to a remote memory-corruption vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openbsd:openssh";...
OpenSSH 'schnorr.c'远程内存破坏漏洞
BUGTRAQ ID: 65230 CVECAN ID: CVE-2014-1692 OpenSSH是SSH协议的开源实现。 OpenSSH 6.4版本及之前版本,如果Makefile.inc修改为启用J-PAKE协议,schnorr.c内的hashbuffer函数就不会初始化某些数据结构,这可使远程攻击者造成拒绝服务(内存破坏)。 0 OpenSSH OpenSSH 6.4 厂商补丁: OpenSSH ------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.openssh.com/...
CVE-2014-1692
The hashbuffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service memory corruption or have unspecified other impact via vectors tha...
CVE-2014-1692
The hashbuffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service memory corruption or have unspecified other impact via vectors tha...
Design/Logic Flaw
The hashbuffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service memory corruption or have unspecified other impact via vectors tha...
CVE-2014-1692
The hashbuffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service memory corruption or have unspecified other impact via vectors tha...
CVE-2014-1692
The hashbuffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service memory corruption or have unspecified other impact via vectors tha...
CVE-2014-1692
The hashbuffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service memory corruption or have unspecified other impact via vectors tha...
SOL14317 - OpenSSH J-PAKE vulnerability CVE-2010-4478
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy...
OpenSSH < 5.7 Multiple Vulnerabilities
Binary data 6300.prm...
SuSE 11.1 Security Update : libfreebl3 (SAT Patch Number 5138)
This update updates Mozilla NSS to 3.12.11. The update marks the compromised DigiNotar Certificate Authority as untrusted For more information read : MFSA 2011-34 - update to 3.12.10 - root CA changes - filter certain bogus certs bmo642815 - fix minor memory leaks - other bugfixes - update to...
CVE-2010-4478
OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a...
Design/Logic Flaw
OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a...