CVE-2026-48697

FastNetMon Community Edition through 1.2.9 does not verify TLS certificates on outbound HTTPS connections. The executewebrequestsecure function in src/fastlibrary.cpp creates a boost::asio::ssl::context with tlsclient mode and calls setdefaultverifypaths to load CA certificates, but never calls...

CVE-2026-48697

Summary: CVE-2026-48697 affects FastNetMon Community Edition up to 1.2.9. The root cause is in execute_web_request_secure() in src/fast_library.cpp, which creates a Boost.Asio TLS client context (tls_client) and calls set_default_verify_paths() but never enables verify_peer. As a result, OpenSSL ...

Linux Distros Unpatched Vulnerability : CVE-2022-1434

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacke...

OPENSUSE-SU-2023:0361-1 Security update for tor

This update for tor fixes the following issues: - tor 0.4.8.8: Mitigate an issue when Tor compiled with OpenSSL can crash during handshake with a remote relay. TROVE-2023-004, boo1216873 Regenerate fallback directories generated on November 03, 2023. Update the geoip files to match the IPFire...

openssl: assertion failure in SSLv2 servers

A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled...

apache-linux.txt

/ LINUX X86 APACHE REMOTE EXPLOIT!!!!!!!!! This is the unpublished source for apache OpenSSL handshake exploit. We obtained this exploit by modifying a circulating apache worm, created by contem@efnet BY nebunu compile: gcc -o apache-ex apache.ex.c -lcrypto run: ./apache-ex do not use hostname! u...