MiracleLinux 3 : openssl-0.9.8e-31.AXS3 (AXSA:2014-604:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2014-604:01 advisory. Description : The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared...

Siemens RUGGEDCOM ROS Devices Improperly Implemented Security Check for Standard (CVE-2021-42017)

A new variant of the POODLE attack has left a third-party component vulnerable due to the implementation flaws of the CBC encryption mode in TLS 1.0 to 1.2. If an attacker were to exploit this, they could act as a man-in-the-middle and eavesdrop on encrypted communications. This plugin only works...

EUVD-2021-29005

Malicious code in bioql PyPI...

Exploit for CVE-2014-3566

POODLE Attack Proof of Concept A complete demonstration envir...

rapidscan

This is a Python-based web vulnerability scanner called RapidScan. It is designed to automate the process of security scanning by using a multitude of available Linux security tools and some custom scripts. The tool is still under development and currently supports around 80 vulnerability tests...

CVE-2021-42017

A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i801, RUGGEDCOM i802, RUGGEDCOM i803, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM RMC30, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RP110, RUGGEDCOM...

POODLE SSLV3.0 Security Issue Workaround for License Server

Citrix Licensing 11.12.1 for Windows might be vulnerable to the Padding Oracle On Downgraded Legacy Encryption POODLE vulnerability. POODLE affects older standards of encryption - Secure Socket Layer SSL version 3 but not the newer encryption method Transport Layer Security TLS. Citrix suggests t...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Content Manager Enterprise Edition (CVE-2014-3566, CVE-2014-6457, CVE-2014-6468)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 5 and 7 that is used by Content Manager Enterprise Edition. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability CVE-2014-3566. These were...

Security Bulletin: TLS padding vulnerability affects Content Manager Enterprise Edition (CVE-2014-8730)

Summary Transport Layer Security TLS padding vulnerability via a POODLE Padding Oracle On Downgraded Legacy Encryption like attack affects Content Manager Enterprise Edition. Vulnerability Details CVE-ID : CVE-2014-8730 DESCRIPTION : Product could allow a remote attacker to obtain sensitive...

Security Bulletin: Vulnerability in SSLv3 affects IBM BladeCenter Advanced Management Module (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. Vulnerability Details Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack...

Security Bulletin: Vulnerability in SSLv3 affects TS2900 (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in TS2900. Vulnerability Details CVE-ID : CVE-2014-3566 DESCRIPTION : Product could allow a remote attacker to obtain sensitive information, cause...

Security Bulletin: Vulnerability in SSLv3 affects TS3100/TS3200 (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in TS3100/TS3200. Vulnerability Details CVE-ID : CVE-2014-3566 DESCRIPTION : Product could allow a remote attacker to obtain sensitive information...

Security Bulletin: Vulnerability in SSLv3 affects TS3100/TS3200 (CVE-2014-3566)

Summary Security Bulletin: Vulnerability in SSLv3 affects TS3100/TS3200 CVE-2014-3566 Vulnerability Details Security Bulletin --- Summary --- SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in...

Debian: Security Advisory (DLA-282-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Bluemix Workflow

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7.1 that is used by Bluemix Workflow. These issues were disclosed as part of the IBM Java SDK updates in January 2015. This bulletin also addresses the “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL...

Security Bulletin: Vulnerability in SSLv3 affects IBM SAN b-type switches and directors (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM SAN b-type switches and directors. Vulnerability Details CVE-ID : CVE-2014-3566 DESCRIPTION : Product could allow a remote attacker to obta...

Security Bulletin: IBM SAN b-type switch SSLv3 POODLE Attack - CVE-2014-3566

Summary IBM SAN b-type Switch products could allow a remote attacker to obtain sensitive information, caused by a design error when using the SSLv3 protocol. Vulnerability Details CVE: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to obtain sensitive information, caused by a...

Security Bulletin: Four (4) Vulnerabilities in OpenSSL affect IBM FlashSystem (and TMS RAMSAN) 710, 720, 810, and 820 systems ( CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, and CVE-2014-3568)

Summary OpenSSL is a toolkit that implements the Secure Sockets Layer SSL, Transport Layer Security TLS, and Datagram Transport Layer Security DTLS protocols which is used by IBM FlashSystem and TMS RAMSAN 710, 720, 810, and 820 systems. OpenSSL had a vulnerability which allowed forceful downgrad...

Security Bulletin: Four (4) Vulnerabilities in OpenSSL affect IBM FlashSystem (and TMS RAMSAN) 710, 720, 810, and 820 systems ( CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, and CVE-2014-3568)

Summary OpenSSL is a toolkit that implements the Secure Sockets Layer SSL, Transport Layer Security TLS, and Datagram Transport Layer Security DTLS protocols which is used by IBM FlashSystem and TMS RAMSAN 710, 720, 810, and 820 systems. OpenSSL had a vulnerability which allowed forceful downgrad...

K15702: SSLv3 vulnerability CVE-2014-3566

Security Advisory Description A flaw in the design of Secure Socket Layer SSL version 3.0 has been discovered that may allow a network attacker to force a client to negotiate an SSL handshake using SSL version 3.0 ciphers instead of Transport Layer Security TLS version 1.x ciphers. The attacker c...