CVE-2022-20145

In startLegacyVpnPrivileged of Vpn.java, there is a possible way to retrieve VPN credentials due to a protocol downgrade attack. This could lead to remote escalation of privilege if a malicious Wi-Fi AP is used, with no additional execution privileges needed. User interaction is not needed for...

Oracle Linux 8 : virt:kvm_utils1 (ELSA-2024-12791)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12791 advisory. - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501 - Fix for CVE-2019-9755 heap-based buffer overflow leads to local root...

Oracle Linux 8 : virt:kvm_utils3 (ELSA-2024-12604)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12604 advisory. - Fix CVE-2022-0485: Fail nbdcopy if NBD read or write fails resolves: rhbz2045718 - Contains fix for NBD Protocol Downgrade Attack CVE-2019-14842. -...

SUSE CVE-2016-2118

The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data...

CVE-2022-20145

Android CVE-2022-20145 exposes VPN credentials via a downgrade in Vpn.java: startLegacyVpnPrivileged in Android 11, enabling remote privilege escalation when connected to a malicious Wi‑Fi AP and requiring no user interaction. Affected product: Android (Android-11) framework component; vulnerabil...

Mageia: Security Advisory (MGASA-2015-0156)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 30 : libnbd (2019-749d828945)

New upstream version 1.0.2. Contains fix for NBD Protocol Downgrade Attack CVE-2019-14842. ---- Add upstream patch to fix nbdsh for nbdkit tests. ---- New stable version 1.0.1. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system...

Fedora 29 : libnbd (2019-8107ac4399)

New upstream version 1.0.2. Contains fix for NBD Protocol Downgrade Attack CVE-2019-14842. ---- Add upstream patch to fix nbdsh for nbdkit tests. ---- New stable version 1.0.1. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system...

Design/Logic Flaw

Mahara 16.10 before 16.10.7, 17.04 before 17.04.5, and 17.10 before 17.10.2 are vulnerable to being forced, via a man-in-the-middle attack, to interact with Mahara on the HTTP protocol rather than HTTPS even when an SSL certificate is present...

CVE-2016-2112

The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream...

CVE-2016-2118

The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data...

Fedora 22 : zeromq-4.0.5-3.fc22 (2015-8635)

Cherry-pick a fix for the protocol downgrade attack CVE-2014-9721 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

Debian DSA-3255-1 : zeromq3 - security update

It was discovered that libzmq, a lightweight messaging kernel, is susceptible to a protocol downgrade attack on sockets using the ZMTP v3 protocol. This could allow remote attackers to bypass ZMTP v3 security mechanisms by sending ZMTP v2 or earlier headers. %NASLMINLEVEL 70300 C Tenable Network...

Debian Security Advisory DSA 3255-1 (zeromq3 - security update)

It was discovered that libzmq, a lightweight messaging kernel, is susceptible to a protocol downgrade attack on sockets using the ZMTP v3 protocol. This could allow remote attackers to bypass ZMTP v3 security mechanisms by sending ZMTP v2 or earlier headers. OpenVAS Vulnerability Test $Id:...

Amazon Linux AMI : docker (ALAS-2015-522)

The file-descriptor passed by libcontainer to the pid-1 process of a container has been found to be opened prior to performing the chroot, allowing insecure open and symlink traversal. This allows malicious container images to trigger a local privilege escalation. CVE-2015-3627 Libcontainer versi...

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.3 openssl security update

An update for the OpenSSL component for Red Hat JBoss Enterprise Application Platform 6.3 that provides a patch to mitigate the CVE-2014-3566 issue is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Red Hat JBoss...

CentOS 5 / 6 / 7 : nss (CESA-2014:1948) (POODLE)

Updated nss, nss-util, and nss-softokn packages that contain a patch to mitigate the CVE-2014-3566 issue, fix a number of bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security...