Debian DLA-400-1 : pound security update (BEAST) (POODLE)

This update fixes certain known vulnerabilities in pound in squeeze-lts by backporting the version in wheezy. CVE-2009-3555 The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services IIS 7.0, modssl in the Apache HTTP Server 2.2.14 and...

Apache Httpd < 2.4.25 : Padding Oracle in Apache mod_session_crypto

Prior to Apache HTTP release 2.4.25, modsessioncrypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation AES256-CBC by default, hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle attacks,...

RSA package for Python spoofing vulnerability

RSA package for Python is a Python RSA implementation that supports encryption and decryption, signing and verifying signatures, key generation and more. The 'verify' function of Python-RSA has a security vulnerability that allows a remote attacker to forge signatures using special signature...

PYSEC-2016-10

The verify function in the RSA package for Python Python-RSA before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack...

PYSEC-2016-10

The verify function in the RSA package for Python Python-RSA before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack...

UBUNTU-CVE-2016-1494

The verify function in the RSA package for Python Python-RSA before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack...

CVE-2016-1494

The verify function in the RSA package for Python Python-RSA before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack...

CVE-2016-1494

The verify function in the RSA package for Python Python-RSA before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack...

GnuTLS Padding Oracle Information Disclosure Vulnerability

GnuTLS is a free secure communications library for implementing the SSL, TLS and DTLS protocols developed by Nikos Mavrogiannopoulos of Belgium and Simon Josefsson of Sweden, software developers. An information disclosure vulnerability exists in GnuTLS. An attacker could exploit this vulnerabilit...

Debian DLA-364-1 : gnutls26 security update

Hanno Bck discovered that GnuTLS, a library implementing the TLS and SSL protocols, incorrectly validated the first padding byte in CBC modes. A remote attacker can possibly take advantage of this flaw to perform a padding oracle attack. For Debian 6 'Squeeze', this issue has been fixed in gnutls...

[SECURITY] [DLA 364-1] gnutls26 security update

Package : gnutls26 Version : 2.8.6-1+squeeze6 CVE ID : CVE-2015-8313 Hanno Böck discovered that GnuTLS, a library implementing the TLS and SSL protocols, incorrectly validated the first padding byte in CBC modes. A remote attacker can possibly take advantage of this flaw to perform a padding orac...

DLA-364-1 gnutls26 - security update

Bulletin has no description...

Debian DSA-3408-1 : gnutls26 - security update

It was discovered that GnuTLS, a library implementing the TLS and SSL protocols, incorrectly validates the first byte of padding in CBC modes. A remote attacker can possibly take advantage of this flaw to perform a padding oracle attack. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

[SECURITY] [DSA 3408-1] gnutls26 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3408-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 01, 2015 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3408-1] gnutls26 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3408-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 01, 2015 https://www.debian.org/security/faq -...

Debian Security Advisory DSA 3408-1 (gnutls26 - security update)

It was discovered that GnuTLS, a library implementing the TLS and SSL protocols, incorrectly validates the first byte of padding in CBC modes. A remote attacker can possibly take advantage of this flaw to perform a padding oracle attack. OpenVAS Vulnerability Test $Id: deb3408.nasl 6609 2017-07-0...

Ubuntu 14.04 LTS : GnuTLS vulnerability (USN-2821-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2821-1 advisory. It was discovered that GnuTLS incorrectly validated the first byte of padding in CBC modes. A remote attacker could possibly use this issue to perform a padding...

Ubuntu: Security Advisory (USN-2821-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DSA-3408-1 gnutls26 - security update

Bulletin has no description...

USN-2821-1: GnuTLS vulnerability

It was discovered that GnuTLS incorrectly validated the first byte of padding in CBC modes. A remote attacker could possibly use this issue to perform a padding oracle attack...