267 matches found
Using WebSocket as your Real Time Protocol? Wallam got you covered.
In the beginning there was http 1 or 2, web pages were static and did not do much beyond displaying static text and images. Life has changed since… Web applications discovered that bi-directional communication between the browser and the web server is essential. Of course, http protocol, with it’...
CVE-2017-6297
The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does not enable IPsec encryption after a reboot, which allows man-in-the-middle attackers to view transmitted data unencrypted and gain access to networks on the L2TP server by monitoring the packets for the transmitted data and...
CVE-2016-8492
The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows attackers to gain unauthorized read access to data handled by the device via IPSec/TLS decryption...
F5 Networks BIG-IP : libxml2 vulnerability (K14338030)
The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted XML document. CVE-2016-1762 File data f5bigipSOL14338030.nasl...
Brocade NetIron OS Denial of Service Vulnerability
NetIron OS is a power service network solution. NetIron OS has a memory corruption vulnerability in the IPsec code path that could allow an attacker to cause a denial of service via a constructed IPsec control packet...
CVE-2016-8203
A memory corruption in the IPsec code path of Brocade NetIron OS on Brocade MLXs 5.8.00 through 5.8.00e, 5.9.00 through 5.9.00bd, 6.0.00, and 6.0.00a images could allow attackers to cause a denial of service line card reset via certain constructed IPsec control packets...
ALPINE-CVE-2016-2183
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted...
UBUNTU-CVE-2016-2183
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted...
F5 Networks BIG-IP : QEMU vulnerability (SOL51841514)
hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WINREADNATIVEMAX command to an empty drive, which triggers a...
Microsoft Windows IPSec Denial of Service Vulnerability (3102939)
This host is missing an important security update according to Microsoft Bulletin MS15-120. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
IETF Officially Deprecates SSLv3
Attacks such as POODLE and BEAST not only caused some sleepless nights for server admins having to patch against the respective weaknesses, but they also accelerated SSLV3 deprecation. In the time since both attacks were disclosed, major browsers have removed the fallback condition that enabled t...
Cisco ASA ICV Checksum IPSec/IKEv2 Message Content Modification Vulnerability
The Cisco Adaptive Security Appliance is an adaptive security appliance that provides modules for security and VPN services. A security vulnerability exists in the Cisco Adaptive Security Appliance due to the AES-GCM code of the Cavium Networks cryptographic module component of the program failin...
CVE-2014-9721
libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header...
DEBIAN-CVE-2014-9721
libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header...
CVE-2014-9721
libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header...
The vulnerability of the Gentoo Linux operating system, which allows a malicious intruder to compromise the accessibility of protected information
The vulnerability of the ipsec-tools package up to version 0.6.7 of the Gentoo Linux operating system can lead to a violation of the accessibility of protected information. This vulnerability can be exploited remotely...
The vulnerability of the OpenSUSE operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the strongswan-ipsec package for the OpenSUSE operating system can lead to breaches of the confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...
[SECURITY] Fedora 20 Update: libhtp-0.5.6-2.fc20
LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. The goals of the project, in the order of importance, are as follows: 1. Completeness of coverage; 2. Permissive parsing; 3. Awareness of evasion techniques; 4. Performance;...
F5 Networks BIG-IP : GNU C Library vulnerability (SOL15885)
The GNU C Library aka glibc or libc6 before 2.12.2 and Embedded GLIBC EGLIBC allow context-dependent attackers to execute arbitrary code or cause a denial of service memory consumption via a long UTF8 string that is used in an fnmatch call, aka a 'stack extension attack,' a related issue to...
F5 Networks BIG-IP : SSL Renegotiation vulnerability (SOL10737)
The remote BIG-IP device is missing a patch required by a security advisory. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from F5 Networks BIG-IP Solution SOL10737. The text description of this plugin is C F5 Networks...