57 matches found
EulerOS 2.0 SP5 : openssl (EulerOS-SA-2019-1145)
According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A microprocessor side-channel vulnerability was found on SMT e.g, Hyper-Threading architectures. An attacker running a malicious process on the...
MGASA-2019-0106 Updated openssl packages fix security vulnerability
If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...
Updated openssl packages fix security vulnerability
If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...
[SECURITY] [DLA 1701-1] openssl security update
Package : openssl Version : 1.0.1t-1+deb8u11 CVE ID : CVE-2019-1559 Juraj Somorovsky, Robert Merget and Nimrod Aviram discovered a padding oracle attack in OpenSSL. If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive...
OpenSSL 1.0.2 < 1.0.2r Vulnerability
The version of OpenSSL installed on the remote host is prior to 1.0.2r. It is, therefore, affected by a vulnerability as referenced in the 1.0.2r advisory. - If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one th...
CVE-2019-1559
If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...
Design/Logic Flaw
If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...
CVE-2019-1559
If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...
CVE-2019-1559
If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...
CVE-2019-1559
OpenSSL vulnerability CVE-2019-1559 describes a padding-oracle weakness where, if an application encounters a fatal protocol error and then calls SSL_shutdown() twice (to send close_notify and to receive one), the server may respond differently to a 0-byte record with invalid padding versus inval...
CVE-2019-1559
If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...
Vulnerability in OpenSSL - 0-byte record padding oracle
If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...
FreeBSD : OpenSSL -- Padding oracle vulnerability (7700061f-34f7-11e9-b95c-b499baebfeaf)
The OpenSSL project reports : 0-byte record padding oracle CVE-2019-1559 Moderate If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte...
A protocol error occurred while communicating with the authentication service
Adding Store to Receiver for Windows will fail with below mentioned error message:...
MDVA-2009:081 : x11-server
Due to a wrong guess of resource types in the X server, some applications would be terminated with a BadName protocol error when the server was configured to use xfs X font server. This update fixes this issue. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated pat...
Debian: Security Advisory (DSA-394)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
oracle8-tnslsnr-DoS.txt
Oracle8 TNSLSNR DoS Jason Ackley [email protected] Mon, 28 Dec 1998 16:21:20 -0800 Greetings, I hope everyone had happy holidays with the IOS and Sun bugs, but now its time to get back to business.. Ohhh OK, one more DoS ! : Hopefully this is new, I searched the archives for 'tns' and 'oracle', bu...