Lucene search
K

6 matches found

F5 Networks
F5 Networks
added 2023/02/21 7:56 p.m.42 views

K41738501: Mozilla NSS vulnerability CVE-2018-12384

Security Advisory Description When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not...

5.9CVSS6AI score0.01496EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2019/10/09 10:23 p.m.29 views

CVE-2018-12384

A flaw was found in the way NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero random. A man-in-the-middle attacker could use this flaw in a passive replay attack...

5.9CVSS2.2AI score0.01496EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.32 views

NewStart CGSL MAIN 4.05 : nss Vulnerability (NS-SA-2019-0131)

The remote NewStart CGSL host, running version MAIN 4.05, has nss packages installed that are affected by a vulnerability: - A flaw was found in the way NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero random. A man-in-the-middle attacker could use this fla...

5.9CVSS6.1AI score0.01496EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/10/26 12:0 a.m.19 views

Amazon Linux 2 : nss (ALAS-2018-1095)

A flaw was found in the way NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero random. A man-in-the-middle attacker could use this flaw in a passive replay attack.CVE-2018-12384 C Tenable Network Security, Inc. The descriptive text and package checks in this...

5.9CVSS6AI score0.01496EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/10/25 12:0 a.m.18 views

Amazon Linux AMI : nss (ALAS-2018-1095)

A flaw was found in the way NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero random. A man-in-the-middle attacker could use this flaw in a passive replay attack.CVE-2018-12384 C Tenable Network Security, Inc. The descriptive text and package checks in this...

5.9CVSS6AI score0.01496EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2018/10/09 4:0 p.m.4 views

nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello

A flaw was found in the way NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero random. A man-in-the-middle attacker could use this flaw in a passive replay attack...

5.9CVSS7.1AI score0.01496EPSS
Exploits0References6
Rows per page
Query Builder