Lucene search
K

170 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:3 a.m.33 views

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Datapower Gateways (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Datapower Gateways. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly...

4.3CVSS6AI score0.9986EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:3 a.m.31 views

Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect WebSphere Lombardi Edition and IBM Business Process Manager (CVE-2015-4000)

Summary The LogJam Attack on Diffie-Hellman ciphers CVE-2015-4000 may affect some configurations of IBM WebSphere Application Server Full Profile and IBM WebSphere Application Server Liberty Profile that are shipped as a component of WebSphere Lombardi Edition and IBM Business Process Manager. Th...

4.3CVSS0.2AI score0.9986EPSS
Exploits1Affected Software4
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:3 a.m.22 views

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Operational Decision Manager (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Operational Decision Manager. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to...

4.3CVSS0.5AI score0.9986EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:3 a.m.25 views

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM WebSphere MQ Telemetry (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM WebSphere MQ Telemetry MQXR service. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the...

4.3CVSS0.6AI score0.9986EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/08/29 12:0 a.m.56 views

SUSE SLES11 Security Update : mysql (SUSE-SU-2016:1618-1) (Logjam)

This update for mysql fixes the following issues : - bsc959724: fix incorrect usage of sprintf/strcpy that caused possible buffer overflow issues at various places On SUSE Linux Enterprise 11 SP4 this fix was not yet shipped : - Increase the key length to 2048 bits used in vio/viosslfactories.c f...

4.3CVSS7.2AI score0.9986EPSS
Exploits1References5
ThreatPost
ThreatPost
added 2016/08/03 10:0 a.m.14 views

Export-Grade Crypto Patching Improves

LAS VEGAS – The FREAK, LOGJAM and DROWN attacks of the last 17 months weren’t just the work of academics and security researchers who found a cool way to unmask encrypted traffic. They were ugly reminders of the Crypto Wars of the 1990s and why export-grade cryptography and intentional encryption...

0.2AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/12/15 12:0 a.m.58 views

Oracle Linux 6 / 7 : openssl (ELSA-2015-2617)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2617 advisory. - fix CVE-2015-3194 - certificate verify crash with missing PSS parameter - fix CVE-2015-3195 - X509ATTRIBUTE memory leak - fix CVE-2015-3196 - rac...

7.5CVSS7.7AI score0.9986EPSS
Exploits4References4
Oracle linux
Oracle linux
added 2015/12/14 12:0 a.m.140 views

openssl security update

1.0.1e-51.1 - fix CVE-2015-3194 - certificate verify crash with missing PSS parameter - fix CVE-2015-3195 - X509ATTRIBUTE memory leak - fix CVE-2015-3196 - race condition when handling PSK identity hint 1.0.1e-51 - fix the CVE-2015-1791 fix broken server side renegotiation 1.0.1e-50 - improved fi...

7.5CVSS1AI score0.9986EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2015/10/28 12:0 a.m.28 views

openSUSE Security Update : haproxy (openSUSE-2015-682)

haproxy was updated to fix two security issues. These security issues were fixed : - CVE-2015-3281: The bufferslowrealign function in HAProxy did not properly realign a buffer that is used for pending outgoing data, which allowed remote attackers to obtain sensitive information uninitialized memo...

5CVSS6.5AI score0.04274EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2015/10/28 12:0 a.m.24 views

openSUSE: Security Advisory for haproxy (openSUSE-SU-2015:1831-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS4.8AI score0.04274EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2015/10/27 1:10 p.m.31 views

Security update for haproxy (important)

haproxy was updated to fix two security issues. These security issues were fixed: - CVE-2015-3281: The bufferslowrealign function in HAProxy did not properly realign a buffer that is used for pending outgoing data, which allowed remote attackers to obtain sensitive information uninitialized memor...

5CVSS0.6AI score0.04274EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/10/16 12:0 a.m.52 views

SUSE: Security Advisory for MySQL (SUSE-SU-2015:1177-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.5AI score0.9986EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2015/10/13 12:0 a.m.35 views

SUSE: Security Advisory for MySQL (SUSE-SU-2015:1177-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.5AI score0.9986EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.35 views

Oracle: Security Advisory (ELSA-2015-1072)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.6AI score0.9986EPSS
Exploits1References2
IBM AIX
IBM AIX
added 2015/08/07 3:15 p.m.457 views

Vulnerability in Diffie-Hellman ciphers affects sendmail on AIX,Vulnerability in Diffie-Hellman ciphers affects sendmail on VIOS

IBM SECURITY ADVISORY First Issued: Fri Aug 7 15:15:59 CDT 2015 |Updated: Tue Aug 18 09:19:51 CDT 2015 |Update: Added AIX 5.3 vulnerability information The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/sendmailadvisory2.asc...

4.3CVSS5.3AI score0.9986EPSS
Exploits1
IBM AIX
IBM AIX
added 2015/07/31 1:4 p.m.52 views

Multiple vulnerabilities in IBM Java SDK affect AIX

IBM SECURITY ADVISORY First Issued: Fri Jul 31 13:04:25 CDT 2015 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/javajuly2015advisory.asc https://aix.software.ibm.com/aix/efixes/security/javajuly2015advisory.asc...

10CVSS5.6AI score0.9986EPSS
Exploits1
OSV
OSV
added 2015/07/29 3:8 p.m.8 views

SUSE-SU-2015:1482-1 Recommended update for openldap2

openldap2 was updated to fix one security issue. This security issue was fixed: - CVE-2015-4000: The Logjam Attack / weakdh.org bsc937766. This non-security issue was fixed: - bsc932773: ldapmodify failed with DOS format LDIF files containing '-' separator...

4.3CVSS6.2AI score0.9986EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2015/07/22 12:0 a.m.33 views

SUSE SLED12 / SLES12 Security Update : mariadb (SUSE-SU-2015:1273-1) (BACKRONYM)

This update fixes the following security issues : - Logjam attack: mysql uses 512 bit dh groups in SSL bnc934789 - CVE-2015-3152: mysql --ssl does not enforce SSL bnc924663 - CVE-2014-8964: heap buffer overflow bnc906574 - CVE-2015-2325: heap buffer overflow in compilebranch bnc924960 -...

7.8CVSS7.2AI score0.09984EPSS
Exploits3References38
OSV
OSV
added 2015/07/21 11:8 a.m.17 views

SUSE-SU-2015:1273-1 Security update for mariadb

This update fixes the following security issues: Logjam attack: mysql uses 512 bit dh groups in SSL bnc934789 CVE-2015-3152: mysql --ssl does not enforce SSL bnc924663 CVE-2014-8964: heap buffer overflow bnc906574 CVE-2015-2325: heap buffer overflow in compilebranch bnc924960 CVE-2015-2326: heap...

7.8CVSS6.3AI score0.09984EPSS
Exploits3References26
Tenable Nessus
Tenable Nessus
added 2015/07/14 12:0 a.m.43 views

SUSE SLES11 Security Update : MySQL (SUSE-SU-2015:1177-2) (Logjam)

This update fixes the following security issue : Logjam Attack: mysql uses 512 bit dh groups in SSL bnc934789 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as mu...

4.3CVSS7.2AI score0.9986EPSS
Exploits1References6
Rows per page
Query Builder