Lucene search
K

169 matches found

Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.26 views

openSUSE Security Update : mozilla-nss (openSUSE-SU-2013:1539-1)

Mozilla NSS was updated to 3.15.2 bnc842979 - Support for AES-GCM ciphersuites that use the SHA-256 PRF - MD2, MD4, and MD5 signatures are no longer accepted for OCSP or CRLs - Add PK11CipherFinal macro - sizeof used incorrectly - nssutilReadSecmodDB leaks memory - Allow...

5CVSS7.1AI score0.03406EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2013/11/26 12:0 a.m.116 views

IPMI MD2 Auth Type Support Enabled (IPMI Protocol)

The remote Intelligent Platform Management Interface IPMI service has MD2 auth type support enabled. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

7.5AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/11/17 12:0 a.m.39 views

SuSE 11.2 / 11.3 Security Update : Mozilla NSS (SAT Patch Numbers 8484 / 8485)

"Mozilla NSS has been updated to 3.15.2 bnc847708 bringing various features and bugfixes : The main feature is TLS 1.2 support and its dependent algorithms. - Support for AES-GCM ciphersuites that use the SHA-256 PRF - MD2, MD4, and MD5 signatures are no longer accepted for OCSP or CRLs - Add...

5CVSS6.9AI score0.03406EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.40 views

Oracle Linux 3 / 4 : openssl (ELSA-2010-0163)

From Red Hat Security Advisory 2010:0163 : Updated openssl packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...

9.8CVSS7.6AI score0.87264EPSS
Exploits14References5
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.45 views

Oracle Linux 5 : openssl (ELSA-2010-0054)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2010-0054 advisory. - fix CVE-2009-2409 - drop MD2 algorithm from EVP tables 510197 Tenable has extracted the preceding description block directly from the Oracle Linux...

5.1CVSS7AI score0.08941EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2013/06/29 12:0 a.m.53 views

CentOS 5 : java-1.6.0-openjdk (CESA-2009:1584)

Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJD...

10CVSS7AI score0.65461EPSS
Exploits13References18
Tenable Nessus
Tenable Nessus
added 2013/03/09 12:0 a.m.47 views

Ubuntu 8.04 LTS / 8.10 / 9.04 : nss regression (USN-810-3)

USN-810-1 fixed vulnerabilities in NSS. Jozsef Kadlecsik noticed that the new libraries on amd64 did not correctly set stack memory flags, and caused applications using NSS e.g. Firefox to have an executable stack. This reduced the effectiveness of some defensive security protections. This update...

9.3CVSS7.7AI score0.05741EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2013/01/24 12:0 a.m.50 views

RHEL 4 : nspr and nss (RHSA-2009:1190)

Updated nspr and nss packages that fix security issues and bugs are now available for Red Hat Enterprise Linux 4.7 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Response Team. Netscape Portable Runtime NSPR provides platform...

9.3CVSS7.3AI score0.05741EPSS
Exploits5References7
Tenable Nessus
Tenable Nessus
added 2013/01/24 12:0 a.m.36 views

RHEL 5 : nspr and nss (RHSA-2009:1207)

Updated nspr and nss packages that fix security issues are now available for Red Hat Enterprise Linux 5.2 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Response Team. Netscape Portable Runtime NSPR provides platform independence for...

9.3CVSS7.2AI score0.05741EPSS
Exploits5References7
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.48 views

Scientific Linux Security Update : openssl on SL5.x i386/x86_64

CVE-2009-2409 deprecate MD2 in SSL cert validation Kaminsky CVE-2009-4355 openssl significant memory leak in certain SSLv3 requests DoS It was found that the OpenSSL library did not properly re-initialize its internal state in the SSLlibraryinit function after previous calls to the...

5.1CVSS6.7AI score0.08941EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.300 views

Scientific Linux Security Update : java (jdk 1.6.0) on SL4.x, SL5.x i386/x86_64

CVE-2009-2409 deprecate MD2 in SSL cert validation Kaminsky CVE-2009-3873 OpenJDK JPEG Image Writer quantization problem 6862968 CVE-2009-3875 OpenJDK MessageDigest.isEqual introduces timing attack vulnerabilities 6863503 CVE-2009-3876 OpenJDK ASN.1/DER input stream parser denial of service 68649...

9.3CVSS6.8AI score0.73376EPSS
Exploits24References23
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.45 views

Scientific Linux Security Update : nspr and nss for SL 5.x on i386/x86_64

CVE-2009-2409 deprecate MD2 in SSL cert validation Kaminsky CVE-2009-2408 firefox/nss: doesn't handle NULL in Common Name properly CVE-2009-2404 nss regexp heap overflow The packages with this update are identical to the packages released on the 20th of July 2009. They are being reissued as a...

9.3CVSS7.3AI score0.05741EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.52 views

Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64

CVE-2009-2409 deprecate MD2 in SSL cert validation Kaminsky CVE-2009-2408 firefox/nss: doesn't handle NULL in Common Name properly CVE-2009-2654 firefox: URL bar spoofing vulnerability CVE-2009-3072 Firefox 3.5.3 3.0.14 browser engine crashes CVE-2009-3075 Firefox 3.5.2 3.0.14 JavaScript engine...

10CVSS8AI score0.06724EPSS
Exploits9References8
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.38 views

Scientific Linux Security Update : openssl on SL3.x, SL4.x i386/x86_64

A flaw was found in the way the TLS/SSL Transport Layer Security/Secure Sockets Layer protocols handled session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session for example, an HTTPS connection to a website. This could force the...

9.8CVSS7.6AI score0.87264EPSS
Exploits14References5
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.36 views

Scientific Linux Security Update : gnutls on SL4.x, SL5.x i386/x86_64

CVE-2009-3555 TLS: MITM attacks via session renegotiation CVE-2010-0731 gnutls: gnutlsx509crtgetserial incorrect serial decoding from ASN1 BE64 GNUTLS-SA-2010-1 A flaw was found in the way the TLS/SSL Transport Layer Security/Secure Sockets Layer protocols handled session renegotiation. A...

9.8CVSS7.7AI score0.87264EPSS
Exploits15References5
Tenable Nessus
Tenable Nessus
added 2012/01/04 12:0 a.m.34 views

OpenSSL < 0.9.8l Multiple Vulnerabilities

According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.8l. As such, it may be affected by multiple vulnerabilities : - A remote attacker could crash the server by sending malformed ASN.1 data. This flaw only affects some architectures, Win64 and other...

5.1CVSS7.4AI score0.12746EPSS
Exploits12References9
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.54 views

CentOS Update for gnutls CESA-2010:0166 centos5 i386

Check for the Version of gnutls OpenVAS Vulnerability Test CentOS Update for gnutls CESA-2010:0166 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

5.8CVSS7AI score0.87264EPSS
Exploits14References2
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.46 views

CentOS Update for openssl CESA-2010:0054 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

5.1CVSS6.8AI score0.08941EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.42 views

CentOS Update for gnutls CESA-2010:0166 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.8AI score0.87264EPSS
Exploits14References3
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.30 views

CentOS Update for seamonkey CESA-2009:1432 centos3 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

9.3CVSS6.8AI score0.06724EPSS
Exploits4References2
Rows per page
Query Builder