SSL/TLS Cryptographic Degradation Man-in-the-Middle Hijacking Vulnerability

SSL/TLS is a cryptographic application. SSL/TLS has a security vulnerability that can lead to an attack known as FREAK Factoring RSA Export Keys, which can be exploited by an attacker to reduce the level of encryption and decrypt communications through a man-in-the-middle attack...

foreman-proxy: failure to verify SSL certificates

It was discovered that foreman-proxy, when running in SSL-secured mode, did not correctly verify SSL client certificates. This could permit any client with access to the API to make requests and perform actions otherwise restricted...

[SECURITY] Fedora 21 Update: libuv-0.10.34-1.fc21

libuv is a new platform layer for Node. Its purpose is to abstract IOCP on Windows and libev on Unix systems. We intend to eventually contain all plat form differences in this library...

Komodia SDK for Komodia Redirector with SSL Digestor Encryption Issue Vulnerability

Komodia SDK for Komodia Redirector with SSL Digestor is a suite of redirection platform tools for executing data using SSL encryption and dynamic SSL decryption from Komodia, Israel. The Komodia SDK for Komodia Redirector with SSL Digestor suffers from a cryptographic issue vulnerability that...

Adtrustmedia PrivDog SSL Certificate Security Bypass Vulnerability

Adtrustmedia PrivDog is a privacy protection application. Adtrustmedia PrivDog fails to properly handle SSL certificates, allowing attackers to exploit vulnerabilities to conduct man-in-the-middle attacks, obtain sensitive information, and more...

UBUNTU-CVE-2015-0834

The WebRTC subsystem in Mozilla Firefox before 36.0 recognizes turns: and stuns: URIs but accesses the TURN or STUN server without using TLS, which makes it easier for man-in-the-middle attackers to discover credentials by spoofing a server and completing a brute-force attack within a short time...

CVE-2015-2077

The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft Ad-Aware Web Companion 1.1.885.1766 and Ad-Aware AdBlocker alpha 1.3.69.1, Qustodio for Windows, Atom Security, Inc. StaffCop 5.8, and other products, uses the same X.509 certificate private key for a root CA certificate across...

OpenJDK: incorrect tracking of ChangeCipherSpec during SSL/TLS handshake (JSSE, 8057555)

It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption...

SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack

A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining CBC mode. This flaw allows a man-in-the-middle MITM attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a...

OpenJDK: incorrect tracking of ChangeCipherSpec during SSL/TLS handshake (JSSE, 8057555)

It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption...

PT-2015-4763 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Description: A memory leak in the embedded web server in the WebVPN subsystem allows remote attackers to cause a denial of service, resulting in memory consumption...

openssl: race condition in ssl_parse_serverhello_tlsext

A race condition was found in the way OpenSSL handled ServerHello messages with an included Supported EC Point Format extension. A malicious server could possibly use this flaw to cause a multi-threaded TLS/SSL client using OpenSSL to write into freed memory, causing the client to crash or execut...

Gold Partner: security researchers discovered Flash 0day vulnerability with BEDEP virus there is a close Association-vulnerability warning-the black bar safety net

2 0 1 5 year at the beginning of the Adobe Flash sequential burst more0dayvulnerability, and has not been repaired when it waslarge-scale malicious usethe. Recently, Trend Micro security researchers in Adobe 0day vulnerabilities in the tracking survey, found BEDEP series virus with the Adobe Flas...

OpenJDK: incorrect tracking of ChangeCipherSpec during SSL/TLS handshake (JSSE, 8057555)

It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption...

OpenJDK: incorrect tracking of ChangeCipherSpec during SSL/TLS handshake (JSSE, 8057555)

It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption...

openssl: TLS protocol downgrade attack

A flaw was found in the way OpenSSL handled fragmented handshake packets. A man-in-the-middle attacker could use this flaw to force a TLS/SSL server using OpenSSL to use TLS 1.0, even if both the client and the server supported newer protocol versions...

Cacti monitoring injection vulnerability triggered within the network the fall-vulnerability warning-the black bar safety net

Preface: Security is a whole, any one of the short Board will cause Safety accident, from the border network to the IDC operation and maintenance of the network to the office network, are the whole of each of the network cannot be ignored. Enterprise in for security to do a multi-layer protection...

IBM Security AppScan Standard Information Disclosure Vulnerability (CNVD-2015-00885)

IBM Security AppScan Standard is a set of security testing tools for Web applications from IBM in the United States. The tool automates dynamic and static security vulnerability scanning during the application development lifecycle. An information disclosure vulnerability exists in IBM Security...

chromium-browser: caching error in AppCache

The AppCacheUpdateJob::URLFetcher::OnResponseStarted function in content/browser/appcache/appcacheupdatejob.cc in Google Chrome before 40.0.2214.91 proceeds with AppCache caching for SSL sessions even if there is an X.509 certificate error, which allows man-in-the-middle attackers to spoof HTML5...

SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack

A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining CBC mode. This flaw allows a man-in-the-middle MITM attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a...