Flaw in string parsing can lead to crashes due to invalid memory access.

The affected version of this crate did not guard against accessing memory beyond the range of its input data. A pointer cast to read the data into a 256-bit register could lead to a segmentation fault when the end plus the 32 bytes 256 bit read would overlap into the next page during string...

Security Bulletin: A security vulnerability in OpenSSL affects IBM Rational ClearQuest (CVE-2019-1559)

Summary An OpenSSL vulnerability was disclosed on February 26, 2019 by the OpenSSL Project. OpenSSL is used by IBM Rational ClearQuest. IBM Rational ClearQuest has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2019-1559 Description: OpenSSL could allow a remote attacker to obtain...

Intensio-Obfuscator - Obfuscate A Python Code 2.X And 3.X

Takes a python source code and transform it into an obfuscated python code, replace name of variables - classes - functions to random chars and defined length, removes comments, line breaks and add to each line a random script with an always differents values. Requirement Python = 3.5 Files...

SUSE SLES12 Security Update : openssl (SUSE-SU-2019:1362-1)

This update for openssl fixes the following issues : Security issue fixed : CVE-2019-1559: Fixed a 0-byte record padding oracle via SSLshutdown bsc1127080. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...

SUSE-SU-2019:1362-1 Security update for openssl

This update for openssl fixes the following issues: Security issue fixed: - CVE-2019-1559: Fixed a 0-byte record padding oracle via SSLshutdown bsc1127080...

Security Bulletin: Guardium StealthBits Integration is affected by an OpenSSL vulnerability

Summary IBM Security Guardium is aware of the following vulnerability Vulnerability Details CVE-ID: CVE-2019-1559 Description: OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts encounter a zero-leng...

Security update for openssl-1_0_0 (moderate)

openSUSE Security Update: Security update for openssl-100 Announcement ID: openSUSE-SU-2019:1432-1 Rating: moderate References: 1117951 1127080 Cross-References: CVE-2019-1559 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has one errata is now available...

EulerOS Virtualization for ARM 64 3.0.1.0 : openssl (EulerOS-SA-2019-1400)

According to the versions of the openssl packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and...

Security Bulletin: IBM DataPower Gateway is affected by a padding oracle vulnerability (CVE-2019-1559)

Summary IBM DataPower Gateway has addressed the following vulnerability: CVE-2019-1559 Vulnerability Details CVEID: CVE-2019-1559 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts...

EulerOS 2.0 SP2 : openssl (EulerOS-SA-2019-1325)

According to the version of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then...

EulerOS 2.0 SP3 : openssl (EulerOS-SA-2019-1326)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then...

PT-2019-12479 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.0.13 Description: The issue allows remote attackers to cause a denial of service or possibly have other impacts via UDP packets with a 0 payload, due to mishandling of padded packets. This is related to the ud...

SUSE SLED15 / SLES15 Security Update : gnutls (SUSE-SU-2019:1121-1)

This update for gnutls fixes to version 3.6.7 the following issues : Security issued fixed : CVE-2019-3836: Fixed an invalid pointer access via malformed TLS1.3 async messages bsc1130682. CVE-2019-3829: Fixed a double free vulnerability in the certificate verification API bsc1130681...

Zombie POODLE and GOLDENDOODLE Vulnerabilities

Recently new vulnerabilities like Zombie POODLE, GOLDENDOODLE, 0-Length OpenSSL and Sleeping POODLE were published for websites that use CBC Cipher Block Chaining block cipher modes. These vulnerabilities are applicable only if the server uses TLS 1.2 or TLS 1.1 or TLS 1.0 with CBC cipher modes...

Amazon Linux 2 : openssl (ALAS-2019-1188)

A microprocessor side-channel vulnerability was found on SMT e.g, Hyper-Threading architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information.CVE-2018-5407 If an application encounters a fatal protocol error...

There is a vulnerability in OpenSSL used by AIX.

IBM SECURITY ADVISORY First Issued: Tue Apr 16 10:48:55 CDT 2019 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/openssladvisory30.asc https://aix.software.ibm.com/aix/efixes/security/openssladvisory30.asc...

Amazon Linux AMI : openssl (ALAS-2019-1188)

A microprocessor side-channel vulnerability was found on SMT e.g, Hyper-Threading architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information. CVE-2018-5407 If an application encounters a fatal protocol erro...

Security update for openssl (moderate)

openSUSE Security Update: Security update for openssl Announcement ID: openSUSE-SU-2019:1175-1 Rating: moderate References: 1100078 1113975 1117951 1127080 Cross-References: CVE-2019-1559 Affected Products: openSUSE Leap 42.3 An update that solves one vulnerability and has three fixes is now...

Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Worklight and IBM MobileFirst Platform Foundation

Summary OpenSSL vulnerabilities were disclosed on 30 October 2018 and later by the OpenSSL Project. OpenSSL is used by IBM Worklight and IBM MobileFirst Platform Foundation. IBM Worklight and IBM MobileFirst Platform Foundation have addressed the applicable CVEs. Vulnerability Details CVE-ID:...

Medium: openssl

Issue Overview: A microprocessor side-channel vulnerability was found on SMT e.g, Hyper-Threading architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information.CVE-2018-5407 If an application encounters a fata...