CXF: SSL hostname verification bypass, incomplete CVE-2012-5783 fix

It was found that the fix for CVE-2012-5783 was incomplete: the code added to check that the server host name matches the domain name in a subject's Common Name CN field in X.509 certificates was flawed. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially...

UBUNTU-CVE-2015-0971

The DER parser in Suricata before 2.0.8 allows remote attackers to cause a denial of service crash via vectors related to SSL/TLS certificates...

Password Change Vulnerability in Beijing PaiNet Software Panabit System

Panabit is an application layer traffic management system based on FreeBSDLinux operating system developed by Beijing Panabit. A password modification vulnerability exists in the Panabit system. The vulnerability allows an attacker to remotely execute system commands, resulting in information...

System Command Injection Vulnerability in Beijing PaiNet Software Panabit System

Panabit is an application layer traffic management system based on FreeBSDLinux operating system developed by Beijing Panabit. A system command injection vulnerability exists in the Panabit system. The vulnerability allows an attacker to remotely execute system commands, resulting in information...

Microsoft windows Schannel weak Diffie-Hellman ephemeral key length sensitive information disclosure vulnerability

Microsoft Windows is a popular operating system. A security vulnerability exists in Microsoft Windows Schannel when a 512-bit weak Diffie-Hellman ephemeral key length is used in an encrypted TLS session, which allows remote attackers to decrypt the weak key and obtain sensitive information by...

JDK: ephemeral RSA keys accepted for non-export SSL/TLS cipher suites (FREAK)

GSKit in IBM Tivoli Directory Server ITDS 6.0 before 6.0.0.73-ISS-ITDS-IF0073, 6.1 before 6.1.0.66-ISS-ITDS-IF0066, 6.2 before 6.2.0.42-ISS-ITDS-IF0042, and 6.3 before 6.3.0.35-ISS-ITDS-IF0035 and IBM Security Directory Server ISDS 6.3.1 before 6.3.1.9-ISS-ISDS-IF0009 does not properly restrict T...

SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...

SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...

IBM JDK Java Denial of Service Vulnerability

IBM Java is a JRE runtime environment. An unspecified security vulnerability in the IBM JDK Java Virtual Machine's Socket Extension Provider for handling TLS and SSL connections allows attackers to conduct denial-of-service attacks by exploiting the vulnerability...

Salt (SaltStack) modules/splunk_search.py create() certificate validation bypass vulnerability

SaltStack is a new infrastructure platform management tool. The create function in SaltStack modules/splunksearch.py fails to properly validate x.509 certificates, allowing remote attackers to forge certificates to spoof TLS/SSL servers and conduct communication interception attacks...

Junos Space Network Management Platform SSL Certificate Handling Cross-Site Scripting Vulnerability

Junos Space Network Management Platform is a network management platform solution. A cross-site scripting vulnerability exists in Junos Space Network Management Platform SSL certificate processing, which can be exploited by remote attackers to inject malicious script or HTML code that can be used...

Dovecot imap-login TLS Handshake Denial of Service Vulnerability

Dovecot is an open source based on Linux/UNIX-like systems IMAP and POP3 mail server . A denial of service vulnerability exists in Dovecot version 2.2.16 and earlier. Due to an imap-login related error in the program's handling of forced SSLv3 connections. An attacker can exploit the vulnerabilit...

The vulnerability of the Gentoo Linux operating system, which allows a malicious intruder to compromise the accessibility of protected information

The vulnerability of the openssl package up to version 1.0.1f in the Gentoo Linux operating system can lead to a violation of the accessibility of protected information. This vulnerability can be exploited remotely...

CXF: SSL hostname verification bypass, incomplete CVE-2012-6153 fix

It was found that the fix for CVE-2012-6153 was incomplete: the code added to check that the server hostname matches the domain name in a subject's Common Name CN field in X.509 certificates was flawed. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially...

Microsoft Windows MS-DOS Device Name Vulnerability

Microsoft Windows is a windowed operating system developed by Microsoft Corporation in the United States. An elevation of privilege vulnerability exists when Microsoft Windows fails to authenticate and execute the emulation layer. The vulnerability allows an authenticated attacker to bypass...

openssl: Divide-and-conquer session key recovery in SSLv2

It was discovered that the SSLv2 servers using OpenSSL accepted SSLv2 connection handshakes that indicated non-zero clear key length for non-export cipher suites. An attacker could use this flaw to decrypt recorded SSLv2 sessions with the server by using it as a decryption oracle...

Asterisk Open Source/Certified Asterisk Certificate Validation Vulnerability

Asterisk is a free software, open source software that implements the functionality of a telephone user switch PBX. Asterisk Open Source has a security vulnerability due to a failure to properly handle domain names in the CN field of an X.509 certificate when registering a SIP TLS device. Allowin...

Ubuntu 12.04 LTS : linux vulnerabilities (USN-2560-1)

An integer overflow was discovered in the stack randomization feature of the Linux kernel on 64 bit platforms. A local attacker could exploit this flaw to bypass the Address Space Layout Randomization ASLR protection mechanism. CVE-2015-1593 An information leak was discovered in the Linux Kernel'...

USN-2563-1 linux vulnerabilities

Sun Baoliang discovered a use after free flaw in the Linux kernel's SCTP Stream Control Transmission Protocol subsystem during INIT collisions. A remote attacker could exploit this flaw to cause a denial of service system crash or potentially escalate their privileges on the system. CVE-2015-1421...

USN-2561-1: Linux kernel (OMAP4) vulnerabilities

It was discovered that the Linux kernel's Infiniband subsystem did not properly sanitize its input parameters while registering memory regions from userspace. A local user could exploit this flaw to cause a denial of service system crash or to potentially gain administrative privileges...