Firefox ESR 24.x < 24.3 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox ESR 24.x is earlier than 24.3 and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. CVE-2014-1477 - An error exists related to...

Thunderbird < 24.3 Multiple Vulnerabilities (Mac OS X)

The installed version of Thunderbird is earlier than 24.3 and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. CVE-2014-1477 - An error exists related to System...

Updated nss packages fix security vulnerability

Updated nss packages fix security vulnerability: The sslDo1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services NSS before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509...

Fedora 20 : nss-3.15.4-1.fc20 / nss-softokn-3.15.4-1.fc20 / nss-util-3.15.4-1.fc20 (2014-1120)

Update of the nss, nss-softokn, and nss-util packages to nss-3.15.4, a patch release for NSS 3.15 which includes the following security-relevant bug : CVE-2013-1740 When false start is enabled, libssl will sometimes return unencrypted, unauthenticated data from PRRecv For further details refer to...

CVE-2013-1740

The sslDo1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services NSS before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509 certificate during certain handshake traffic...

CVE-2013-1740

The sslDo1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services NSS before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509 certificate during certain handshake traffic...

CVE-2013-1740

The sslDo1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services NSS before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509 certificate during certain handshake traffic...

OpenSSH 6.0p1 Backdoor Patch 1.2 Vulnerability 0day

This patch is for openssh-6.0p1 source which combines a known openssh backdoor and Sebastian Krahmer's openssh.reverse capabilities. Telnet to target openssh server and issue udcgamaimagic string for getting reverse openssh connection. $id: udc-hackssh-v3bajaulaut-v1, 2012/10/28 05:00:50 slash...

Debian OpenSSL Predictable PRNG Bruteforce SSH Exploit to the exploit-vulnerability warning-the black bar safety net

From su bun's blog Very early on saw through this vulnerability, but since Y is a bruteforce, just don't be too concerned about yesterday and a friend chat to this vulnerability, look carefully at the next, hazard is still quite large, although the need for certain conditions before they can be...

Memory corruption

Memory leak in the zlibstatefulinit function in crypto/comp/czlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service memory consumption via multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server modssl that specify...

Debian: Security Advisory (DSA-875-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-882-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 1379-1 (openssl)

The remote host is missing an update to openssl announced via advisory DSA 1379-1. OpenVAS Vulnerability Test $Id: deb13791.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1379-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian: Security Advisory (DSA-1379-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-881-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Solaris 10 (x86) : 126254-02

SunOS 5.10x86: libssl patch. Date this patch was last updated by Sun : Sep/28/07 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if ! definedfunc"bnrandom...

[SECURITY] [DSA 1379-1] New openssl packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1379 [email protected] http://www.debian.org/security/ Noah Meyerhans October 02, 2007 - ------------------------------------------------------------------------ Package : openssl Vulnerability...

DSA-1379-1 openssl - arbitrary code execution

Bulletin has no description...

Solaris 10 (sparc) : 121229-02

SunOS 5.10: libssl patch. Date this patch was last updated by Sun : Apr/23/07 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24. C Tenable Network Security, Inc. if ! definedfunc"bnrandom"...

Solaris 10 (x86) : 121230-02

SunOS 5.10x86: libssl patch. Date this patch was last updated by Sun : Apr/23/07 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24. C Tenable Network Security, Inc. if ! definedfunc"bnrandom...