14 matches found
EUVD-2005-2969
Malware in sbrugna...
Debian: Security Advisory (DSA-888-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 882-1 (openssl095)
The remote host is missing an update to openssl095 announced via advisory DSA 882-1. OpenVAS Vulnerability Test $Id: deb8821.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 882-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian: Security Advisory (DSA-881-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-875-1 : openssl094 - cryptographic weakness
Yutaka Oiwa discovered a vulnerability in the Open Secure Socket Layer OpenSSL library that can allow an attacker to perform active protocol-version rollback attacks that could lead to the use of the weaker SSL 2.0 protocol even though both ends support SSL 3.0 or TLS 1.0. The following matrix...
Ubuntu 4.10 / 5.04 / 5.10 : openssl vulnerability (USN-204-1)
Yutaka Oiwa discovered a possible cryptographic weakness in OpenSSL applications. Applications using the OpenSSL library can use the SSLOPMSIESSLV2RSAPADDING option or SSLOPALL, which implies the former to maintain compatibility with third-party products, which is achieved by working around known...
[SECURITY] [DSA 888-1] New OpenSSL packages fix cryptographic weakness
-------------------------------------------------------------------------- Debian Security Advisory DSA 888-1 [email protected] http://www.debian.org/security/ Martin Schulze November 7th, 2005 http://www.debian.org/security/faq -...
DSA-888-1 openssl - cryptographic weakness
Bulletin has no description...
[SECURITY] [DSA 881-1] New OpenSSL 0.9.6 packages fix cryptographic weakness
-------------------------------------------------------------------------- Debian Security Advisory DSA 881-1 [email protected] http://www.debian.org/security/ Martin Schulze November 4th, 2005 http://www.debian.org/security/faq -...
DSA-882-1 openssl095 - cryptographic weakness
Bulletin has no description...
DSA-875-1 openssl094 - cryptographic weakness
Bulletin has no description...
CVE-2005-2969
The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to u...
OpenSSL: SSL 2.0 protocol rollback
Background OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Description Applications setting the SSLOPMSIESSLV2RSAPADDING option or the SSLOPALL option, that implies it can be forced by a third-party to...
openssl mitm downgrade attack
The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to u...