10 matches found
EUVD-2015-3326
Malware in sbrugna...
DVFS: a Dynamic Verifiable Fuzzy Search Service for Encrypted Cloud Data
Cloud storage introduces critical privacy challenges for encrypted data retrieval, where fuzzy multi-keyword search enables approximate matching while preserving data confidentiality. Existing solutions face fundamental trade-offs between security and efficiency: linear-search mechanisms provide...
S-Leak: Leakage-Abuse Attack against Efficient Conjunctive SSE Via S-Term Leakage
Conjunctive Searchable Symmetric Encryption CSSE enables secure conjunctive searches over encrypted data. While leakage-abuse attacks LAAs against single-keyword SSE have been extensively studied, their extension to conjunctive queries faces a critical challenge: the combinatorial explosion of...
RHEL 6 : openldap (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openldap: incorrect multi-keyword mode cipherstring parsing CVE-2015-3276 -...
SUSE CVE-2015-3278
The cipherstring parsing code in nsscompatossl while in multi-keyword mode does not match the expected set of ciphers for a given cipher combination, which allows attackers to have unspecified impact via unknown vectors...
CVE-2015-3277
The modnss module before 1.0.11 in Fedora allows remote attackers to obtain cipher lists due to incorrect parsing of multi-keyword cipherstring...
CVE-2015-3278
The cipherstring parsing code in nsscompatossl while in multi-keyword mode does not match the expected set of ciphers for a given cipher combination, which allows attackers to have unspecified impact via unknown vectors...
CVE-2015-3278
CVE-2015-3278 involves the cipherstring parsing code in the NSS compatibility layer, specifically the nss_compat_ossl component, which in multi-keyword mode fails to match the expected cipher set for a given cipher combination. The underlying issue is a mismatch in how cipherstrings are parsed, e...
AZL-6770 CVE-2015-3276 affecting package openldap for versions less than 2.4.57-5
The nssparseciphers function in libraries/libldap/tlsm.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors...
DEBIAN-CVE-2015-3276
The nssparseciphers function in libraries/libldap/tlsm.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors...