CVE-2019-5592

Multiple padding oracle vulnerabilities Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length in the CBC padding implementation of FortiOS IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219, 3.547 and below, when configured with SSL Deep Inspection policies and with the IPS sensor enabled,...

CVE-2019-5592

CVE-2019-5592 describes padding oracle vulnerabilities in FortiOS SSL Deep Inspection with CBC padding in the FortiOS IPS engine. Affected FortiGate/FortiOS IPS versions (5.000–5.006, 4.000–4.036, 4.200–4.219, and 3.547 and below) configured with SSL Deep Inspection policies and the IPS sensor en...

OpenSSL 1.0.2 < 1.0.2t Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.0.2t. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.2t advisory. - In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, aft...

OpenSSL 1.1.0 < 1.1.0l Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.1.0l. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.1.0l advisory. - In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, aft...

openssl security update

1.0.2k-19.0.1 - Bump release for rebuild. 1.0.2k-19 - close the RSA decryption 9 lives of Bleichenbacher cat timing side channel 1649568 1.0.2k-18 - fix CVE-2018-0734 - DSA signature local timing side channel - fix CVE-2019-1559 - 0-byte record padding oracle - close the RSA decryption One & done...

openssl security update

CentOS Errata and Security Advisory CESA-2019:2471 An update for openssl is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

RHEL 6 : openssl (RHSA-2019:2471)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:2471 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

openssl: 0-byte record padding oracle

If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...

openssl security and bug fix update

1.0.2k-19.0.1 - Bump release for rebuild. 1.0.2k-19 - close the RSA decryption 9 lives of Bleichenbacher cat timing side channel 1649568 1.0.2k-18 - fix CVE-2018-0734 - DSA signature local timing side channel - fix CVE-2019-1559 - 0-byte record padding oracle - close the RSA decryption One & done...

openssl: 0-byte record padding oracle

If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...

openssl: 0-byte record padding oracle

If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...

RHEL 7 : openssl (RHSA-2019:2304)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2304 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

FreeBSD : FreeBSD -- Kernel stack disclosure in UFS/FFS (ff82610f-b309-11e9-a87f-a4badb2f4699)

A bug causes up to three bytes of kernel stack memory to be written to disk as uninitialized directory entry padding. This data can be viewed by any user with read access to the directory. Additionally, a malicious user with write access to a directory can cause up to 254 bytes of kernel stack...

openssl: 0-byte record padding oracle

If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...

libssh2: Out-of-bounds reads with specially crafted SSH packets

An out of bounds read flaw was discovered in libssh2 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory...

CVE-2019-5601

In FreeBSD 12.0-STABLE before r347474, 12.0-RELEASE before 12.0-RELEASE-p7, 11.2-STABLE before r347475, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in the FFS implementation causes up to three bytes of kernel stack memory to be written to disk as uninitialized directory entry padding...

CVE-2019-5601

In FreeBSD 12.0-STABLE before r347474, 12.0-RELEASE before 12.0-RELEASE-p7, 11.2-STABLE before r347475, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in the FFS implementation causes up to three bytes of kernel stack memory to be written to disk as uninitialized directory entry padding...

FreeBSD-SA-19:10.ufs

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-19:10.ufs Security Advisory The FreeBSD Project Topic: Kernel stack disclosure in UFS/FFS Category: core Module: Kernel Announced: 2019-07-02 Credits: David G...

Security update for compat-openssl098 (moderate)

openSUSE Security Update: Security update for compat-openssl098 Announcement ID: openSUSE-SU-2019:1637-1 Rating: moderate References: 1117951 1127080 1131291 Cross-References: CVE-2019-1559 Affected Products: openSUSE Leap 42.3 An update that solves one vulnerability and has two fixes is now...

RUSTSEC-2019-0008 Flaw in string parsing can lead to crashes due to invalid memory access.

The affected version of this crate did not guard against accessing memory beyond the range of its input data. A pointer cast to read the data into a 256-bit register could lead to a segmentation fault when the end plus the 32 bytes 256 bit read would overlap into the next page during string...