EulerOS Virtualization 2.10.1 : krb5 (EulerOS-SA-2026-1124)

According to the versions of the krb5 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesse...

EUVD-2014-2744

Malware in sbrugna...

EUVD-2016-5739

Malware in sbrugna...

EUVD-2015-2890

Malware in sbrugna...

CVE-2020-11615

NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which it uses a hard-coded RC4 cipher key, which may lead to information disclosure...

CVE-2007-6043

The CryptGenRandom function in Microsoft Windows 2000 generates predictable values, which makes it easier for context-dependent attackers to reduce the effectiveness of cryptographic mechanisms, as demonstrated by attacks on 1 forward security and 2 backward security, related to use of eight...

Security Bulletin: Vulnerability in RC4 stream cipher affects IBM i (CVE-2015-2808)

Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM i Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to...

PT-2023-5882 · Mbed Tls +3 · Mbed Tls +3

Name of the Vulnerable Software and Affected Versions: Mbed TLS versions 2.x before 2.28.5 Mbed TLS versions 3.x before 3.5.0 Description: The issue is related to errors in handling encryption in DTLS connections, specifically when using zero encryption or RC4 cipher. This can allow a remote...

Security Bulletin: Vulnerability in RC4 stream cipher affects IBM BladeCenter Switches (CVE-2015-2808)

Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects IBM BladeCenter Switches. Vulnerability Details Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects IBM BladeCenter Switches. Vulnerability Details CVE-ID: CVE-2015-2808 Description: The RC4 algorithm, as used in the TLS protocol and S...

Security Bulletin: Vulnerability in RC4 stream cipher affects the IBM FlashSystem models 840 and 900 (CVE-2015-2808)

Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects the IBM® FlashSystem™ 840 and IBM FlashSystem 900. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An...

November 17, 2022—KB5021654 (OS Build 14393.5502) Out-of-band

November 17, 2022—KB5021654 OS Build 14393.5502 Out-of-band 10/11/22 IMPORTANT On January 10, 2023, the public extension for servicing devices that have the Intel Atom Clover Trail processor will end. The January 10, 2023 security update is the last update for these devices. After that date, they...

November 17, 2022—KB5021656 (OS Build 20348.1251) Out-of-band

November 17, 2022—KB5021656 OS Build 20348.1251 Out-of-band 11/8/22 IMPORTANT Because of minimal operations during the holidays and the upcoming Western new year, there won’t be a non-security preview release for the month of December 2022. There will be a monthly security release known as a “B”...

Security Bulletin: Vulnerability in RC4 stream cipher affects Operations Analytics Predictive Insights (CVE-2015-2808)

Abstract The RC4 “Bar Mitzvah” Attack for SSL/TLS affects Operations Analytics Predictive Insights which is consuming WebSphere Application Server 8.5.5.1 Content Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a...

Security Bulletin: Vulnerability in RC4 stream cipher affects DS8000 (CVE-2015-2808)

Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects DS8000 Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to...

Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Security Network Intrusion Prevention System (CVE-2015-2808)

Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM Security Network Intrusion Prevention System. Vulnerability Details CVEID:CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An...

Security Bulletin: Vulnerability in RC4 stream cipher affects GPFS V3.5 for Windows (CVE-2015-2808) / Enabling weak cipher suites for IBM General Parallel File System is NOT recommended

Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects OpenSSH for GPFS V3.5 for Windows. Additionally, with the recent attention to RC4 “Bar Mitzvah” Attack for SSL/TLS, this is a reminder to NOT enable weak or export-level cipher suites for IBM General Parallel File System GPFS. Vulnerability...

CVE-2020-11615

NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which it uses a hard-coded RC4 cipher key, which may lead to information disclosure...

Hardcoded credentials

NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which it uses a hard-coded RC4 cipher key, which may lead to information disclosure...

Security Bulletin: AMI Baseboard Management Controller (BMC) Firmware Vulnerabilities in NVIDIA DGX-1, DGX-2, and DGX A100 Servers - October 2020

NVIDIA has released a firmware security update for NVIDIA DGX™ servers. This update addresses security issues in the AMI Baseboard Management Controller BMC firmware that may lead to remote code execution, elevation of privileges, or information disclosure. All issues require network access to th...

Security Bulletin: Vulnerability in RC4 stream cipher affects Rational Developer for System z (CVE-2015-2808)

Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects Rational Developer for System z. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for more information requires login with your IBM ID ---|--- CVEID:...