UBUNTU-CVE-2012-2333

Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted TLS packet that is no...

Important: Red Hat Security Advisory: openssl security update

Updated openssl packages that fix one security issue are now available for Red Hat Enterprise Linux 3 and 4 Extended Life Cycle Support; Red Hat Enterprise Linux 5.3 Long Life; and Red Hat Enterprise Linux 5.6, 6.0 and 6.1 Extended Update Support. The Red Hat Security Response Team has rated this...

HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HT...

Comodo Internet Security远程拒绝服务漏洞

BUGTRAQ ID: 53163 CVE ID: CVE-2012-2273 Comodo Internet Security是一款免费的多层安全产品，为电脑网络提供全面的安全防护, 包括反病毒，反恶意软件，和网络钓鱼保护。 Comodo Internet Security在实现上存在远程拒绝服务漏洞，利用此漏洞可允许攻击者使受影响操作系统崩溃。 0 Comodo Internet Security 5.9 Comodo Internet Security 5.10 厂商补丁： Comodo ------ 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

[SECURITY] Fedora 17 Update: python-sqlalchemy0.5-0.5.8-9.fc17

SQLAlchemy is an Object Relational Mappper ORM that provides a flexible, high-level interface to SQL databases. Database and domain concepts are decoupled, allowing both sides maximum flexibility and power. SQLAlchemy provides a powerful mapping layer that can work as automatically or as manu all...

[SECURITY] Fedora 15 Update: gnutls-2.10.5-3.fc15

GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library implem ents the proposed standards by the IETF's TLS working group...

Fedora Update for gnutls FEDORA-2012-4569

Check for the Version of gnutls OpenVAS Vulnerability Test Fedora Update for gnutls FEDORA-2012-4569 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

[SECURITY] Fedora 16 Update: python-sqlalchemy0.5-0.5.8-9.fc16

SQLAlchemy is an Object Relational Mappper ORM that provides a flexible, high-level interface to SQL databases. Database and domain concepts are decoupled, allowing both sides maximum flexibility and power. SQLAlchemy provides a powerful mapping layer that can work as automatically or as manu all...

RedHat Update for gnutls RHSA-2012:0428-01

Check for the Version of gnutls OpenVAS Vulnerability Test RedHat Update for gnutls RHSA-2012:0428-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

RedHat Update for openssl RHSA-2012:0426-01

Check for the Version of openssl OpenVAS Vulnerability Test RedHat Update for openssl RHSA-2012:0426-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Fedora Update for gnutls FEDORA-2012-4578

Check for the Version of gnutls OpenVAS Vulnerability Test Fedora Update for gnutls FEDORA-2012-4578 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

[SECURITY] Fedora 15 Update: apr-1.4.6-1.fc15

The mission of the Apache Portable Runtime APR is to provide a free library of C data structures and routines, forming a system portability layer to as many operating systems as possible, including Unices, MS Win32, BeOS and OS/2...

Mirage Anti-Bot 2.0 : Protection against ZeuS, SpyEye Malwares

Mirage Anti-Bot 2.0 : Protection against ZeuS, SpyEye Malwares Jean-Pierre aka DarkCoderSc and Fred De Vries Develop and Release the second version of Another great security tool named "Mirage Anti-Bot 2.0". Zeus and SpyEye were the two main families of botnet software. These types of malware are...

openssl: uninitialized SSL 3.0 padding

The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer...

Cyberoam Central Console 2.00.2 - Remote File Inclusion

Cyberoam Central Console 2.00.2 - Remote File Inclusion Title: ====== Cyberoam Central Console v2.00.2 - File Include Vulnerability Date: ===== 2012-02-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=405 VL-ID: ===== 405 Introduction: ============= Cyberoam Central...

Cyberoam Central Console 2.00.2 - Remote File Inclusion

Title: ====== Cyberoam Central Console v2.00.2 - File Include Vulnerability Date: ===== 2012-02-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=405 VL-ID: ===== 405 Introduction: ============= Cyberoam Central Console CCC appliances offer the flexibility of hardware...

openssl: uninitialized SSL 3.0 padding

The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer...

Ubuntu: Security Advisory (USN-1341-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: openssl security update

Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

SSL CBC IV vulnerability

curl is vulnerable to a SSL CBC IV vulnerability when built to use OpenSSL for the SSL/TLS layer. This vulnerability has been identified CVE-2011-3389 aka the "BEAST" attack and is addressed by OpenSSL already as they have made a workaround to mitigate the problem. When doing so, they figured out...