Lucene search
K

969 matches found

Tenable Nessus
Tenable Nessus
added 2014/07/03 12:0 a.m.45 views

VMware vCenter Update Manager Multiple Vulnerabilities (VMSA-2014-0006)

The version of VMware vCenter Update Manager installed on the remote Windows host is 5.5 prior to Update 1b. It is, therefore, affected by the following vulnerabilities related to the bundled version of OpenSSL : - An error exists in the function 'ssl3readbytes' that could allow data to be inject...

7.4CVSS8.1AI score0.99977EPSS
Exploits13References8
Tenable Nessus
Tenable Nessus
added 2014/07/02 12:0 a.m.226 views

HP System Management Homepage < 7.2.4.1 / 7.3.3.1 OpenSSL Multiple Vulnerabilities

According to the web server's banner, the version of HP System Management Homepage SMH hosted on the remote web server has an implementation of the OpenSSL library that is affected by the following vulnerabilities : - An error exists in the ssl3readbytes function that allows data to be injected...

7.4CVSS8.2AI score0.99977EPSS
Exploits14References17
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

Mambo Component Material Suche 1.0 - SQL Injection

No description provided by source. Mambo Component Material Suche 1.0 SQL injection Vulnerability Author: Gamoscu Site: www.1923turk.biz Site: http://gamoscu.wordpress.com/ Greetz: Manas58 Baybora Delibey Tiamo Psiko Turco infazci X-TRO Exploit:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.36 views

Liquid XML Studio 2010 <= 8.061970 - (LtXmlComHelp8.dll) OpenFile() Remote 0day Overflow Exploit

No description provided by source. html !-- |------------------------------------------------------------------| | | | / / / / | | / / / / / / / \ / / / / \ | | / // // / / / / / // / / / / / // / // / / / / / / | | /// //,// // //,// // // | | | | http://www.corelan.be:8800 | |...

7.1AI score
Exploits0
Kaspersky
Kaspersky
added 2014/06/26 12:0 a.m.20 views

KLA10332 OSI vulnerability in Snare

Weak keying material was found in Snare Agent. By exploiting this vulnerability malicious users can obtain and modify sensitive information. This vulnerability can be exploited remotely via MITM, at a point related to OpenSSL. Original advisories Snare Agent changelog Related products Snare CVE...

7AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/06/20 12:0 a.m.102 views

Blue Coat ProxySG 4.x OpenSSL Security Bypass

The remote Blue Coat ProxySG device's SGOS self-reported version is 4.x and reportedly contains a bundled version of OpenSSL that has multiple flaws. It is, therefore, potentially affected by an unspecified error that could allow an attacker to cause usage of weak keying material, leading to...

7.4CVSS7.4AI score0.95326EPSS
Exploits9References2
Tenable Nessus
Tenable Nessus
added 2014/06/20 12:0 a.m.122 views

WinSCP 5.x < 5.5.4 Multiple Vulnerabilities

The WinSCP program installed on the remote host is version 4.3.8, 4.3.9, 4.4.0 or 5.x prior to 5.5.4. It therefore contains a bundled version of OpenSSL prior to 1.0.1h which is affected by the following vulnerabilities : - An error exists in the 'ssl3readbytes' function that permits data to be...

7.4CVSS7.5AI score0.99977EPSS
Exploits13References15
Tenable Nessus
Tenable Nessus
added 2014/06/18 12:0 a.m.45 views

Cisco Adaptive Security Appliances Multiple Vulnerabilities in OpenSSL

The remote Cisco ASA device is running a software version known to be affected by multiple OpenSSL related vulnerabilities : - A buffer overflow error exists related to invalid DTLS fragment handling that could lead to execution of arbitrary code. Note this issue only affects OpenSSL when used as...

7.4CVSS8.2AI score0.99977EPSS
Exploits13References4
Tenable Nessus
Tenable Nessus
added 2014/06/18 12:0 a.m.90 views

Junos Pulse Secure Access IVE / UAC OS Multiple OpenSSL Vulnerabilities (JSA10629)

According to its self-reported version, the version of IVE / UAC OS running on the remote host is affected by multiple vulnerabilities : - An error exists in the function 'ssl3readbytes' that could allow data to be injected into other sessions or allow denial of service attacks. Note this issue i...

7.4CVSS7.5AI score0.95326EPSS
Exploits9References11
Tenable Nessus
Tenable Nessus
added 2014/06/18 12:0 a.m.79 views

Cisco TelePresence MCU Series Devices Multiple Vulnerabilities in OpenSSL

The remote Cisco TelePresence MCU device is running a software version known to be affected by multiple OpenSSL related vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow nonce disclosure via the 'FLUSH+RELOAD...

7.4CVSS7.5AI score0.95326EPSS
Exploits10References5
Tenable Nessus
Tenable Nessus
added 2014/06/18 12:0 a.m.100 views

Cisco Windows Jabber Client Multiple Vulnerabilities in OpenSSL (cisco-sa-20140605-openssl)

The remote Windows host has a version of Cisco Jabber installed that is known to be affected by multiple OpenSSL related vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow nonce disclosure via the 'FLUSH+RELOA...

7.4CVSS7.5AI score0.95326EPSS
Exploits10References6
Tenable Nessus
Tenable Nessus
added 2014/06/18 12:0 a.m.310 views

Cisco TelePresence Supervisor MSE 8050 Multiple Vulnerabilities in OpenSSL

The remote Cisco TelePresence device is running a software version known to be affected by multiple OpenSSL related vulnerabilities : - An unspecified error exists that could allow an attacker to cause usage of weak keying material leading to simplified man-in-the-middle attacks. CVE-2014-0224 - ...

7.4CVSS7.5AI score0.95326EPSS
Exploits9References4
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.63 views

AIX OpenSSL Advisory : openssl_advisory9.doc

The version of OpenSSL installed on the remote host is potentially affected by the following remote code execution and denial of service vulnerabilities : - OpenSSL could allow an attacker to cause a buffer overrun situation when an attacker sends invalid DTLS fragments to an OpenSSL DTLS client ...

7.4CVSS8.4AI score0.99977EPSS
Exploits13References7
Tenable Nessus
Tenable Nessus
added 2014/06/12 12:0 a.m.58 views

Scientific Linux Security Update : openssl on SL5.x i386/x86_64 (20140605)

It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. CVE-2014-0224 Note: In order to...

7.4CVSS7.3AI score0.95326EPSS
Exploits9References2
Tenable Nessus
Tenable Nessus
added 2014/06/11 12:0 a.m.50 views

ESXi 5.5 < Build 1881737 OpenSSL Library Multiple Vulnerabilities (remote check)

The remote VMware ESXi host is 5.5 prior to build 1881737. It is, therefore, affected by the following vulnerabilities in the OpenSSL library : - An error exists in the function 'ssl3readbytes' that could allow data to be injected into other sessions or allow denial of service attacks. Note this...

7.4CVSS7.4AI score0.95326EPSS
Exploits9References6
RedHat Linux
RedHat Linux
added 2014/06/10 12:23 p.m.83 views

Important: Red Hat Security Advisory: openssl security update

Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, ar...

7.4CVSS7.3AI score0.99977EPSS
Exploits13References9
RedHat Linux
RedHat Linux
added 2014/06/10 12:23 p.m.84 views

Important: Red Hat Security Advisory: openssl098e security update

Updated openssl098e packages that fix one security issue are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

7.4CVSS7AI score0.95326EPSS
Exploits9References4
RedHat Linux
RedHat Linux
added 2014/06/10 12:23 p.m.6 views

openssl: SSL/TLS MITM vulnerability

It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server...

7.4CVSS6.6AI score0.95326EPSS
Exploits9References8
Tenable Nessus
Tenable Nessus
added 2014/06/10 12:0 a.m.86 views

stunnel < 5.02 OpenSSL Multiple Vulnerabilities

The version of stunnel installed on the remote host is prior to version 5.02. It is, therefore, affected by the following vulnerabilities : - An error exists in the ssl3readbytes function that allows data to be injected into other sessions or allows denial of service attacks. Note this issue is...

7.4CVSS8AI score0.99977EPSS
Exploits13References9
Check Point Advisories
Check Point Advisories
added 2014/06/09 12:0 a.m.4 views

OpenSSL TLS Man-In-The-Middle Security Bypass (CVE-2014-0224)

A security bypass via ChangeCipherSpec CCS Injection vulnerability has been reported in older versions of OpenSSL. The vulnerability is due to a weakness in OpenSSL methods used for keying material. The vulnerability can be exploited through the use of a man in the middle attack, where an attacke...

5.8CVSS2.7AI score0.95326EPSS
Exploits9
Rows per page
Query Builder