EUVD-2010-2980

Malware in sbrugna...

K15578: MD5 Message-Digest Algorithm vulnerability CVE-2004-2761

Security Advisory Description The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate. CVE-2004-2761 Impact A...

SUSE CVE-2004-2761

The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate...

Golang/x/crypto message forgery vulnerability

A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional "Hash" Armor Headers. The...

Design/Logic Flaw

A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional "Hash" Armor Headers. The...

CVE-2019-11841

A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional "Hash" Armor Headers. The...

CVE-2019-11841

A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional "Hash" Armor Headers. The...

CVE-2019-11841

A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional "Hash" Armor Headers. The...

BSA-2017-271

Security Advisory ID : BSA-2017-271 Component : MD5 Algorithm Revision : 1.0: Interim The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature...

TLS 1.2 Transcipt Collision attacks against MD5 in key exchange protocol (SLOTH)

A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to...

F5 Networks BIG-IP : MD2 Message-Digest Algorithm vulnerability (SOL15663)

The Network Security Services NSS library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash...

SOL15663 - MD2 Message-Digest Algorithm vulnerability CVE-2009-2409

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

Ubuntu: Security Advisory (USN-1287-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 11.10 : linux vulnerability (USN-1322-1)

Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable h...

Ubuntu Update for linux-lts-backport-oneiric USN-1313-1

Ubuntu Update for Linux kernel vulnerabilities USN-1313-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN13131.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux-lts-backport-oneiric USN-1313-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...

USN-1313-1: Linux Kernel (Oneiric backport) vulnerability

Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops...

Ubuntu Update for linux-mvl-dove USN-1303-1

Ubuntu Update for Linux kernel vulnerabilities USN-1303-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN13031.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux-mvl-dove USN-1303-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.n...

Ubuntu Update for linux-ti-omap4 USN-1304-1

Ubuntu Update for Linux kernel vulnerabilities USN-1304-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN13041.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux-ti-omap4 USN-1304-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.n...

Ubuntu: Security Advisory (USN-1304-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1304-1: Linux kernel (OMAP4) vulnerabilities

A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. CVE-2011-4077 Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions...