643 matches found
DSA-888-1 openssl - cryptographic weakness
Bulletin has no description...
[SECURITY] [DSA 882-1] New OpenSSL packages fix cryptographic weakness
-------------------------------------------------------------------------- Debian Security Advisory DSA 882-1 [email protected] http://www.debian.org/security/ Martin Schulze November 4th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 882-1] New OpenSSL packages fix cryptographic weakness
-------------------------------------------------------------------------- Debian Security Advisory DSA 882-1 [email protected] http://www.debian.org/security/ Martin Schulze November 4th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 881-1] New OpenSSL 0.9.6 packages fix cryptographic weakness
-------------------------------------------------------------------------- Debian Security Advisory DSA 881-1 [email protected] http://www.debian.org/security/ Martin Schulze November 4th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 881-1] New OpenSSL 0.9.6 packages fix cryptographic weakness
-------------------------------------------------------------------------- Debian Security Advisory DSA 881-1 [email protected] http://www.debian.org/security/ Martin Schulze November 4th, 2005 http://www.debian.org/security/faq -...
DSA-881-1 openssl096 - cryptographic weakness
Bulletin has no description...
DSA-882-1 openssl095 - cryptographic weakness
Bulletin has no description...
[SECURITY] [DSA 875-1] New OpenSSL packages fix cryptographic weakness
-------------------------------------------------------------------------- Debian Security Advisory DSA 875-1 [email protected] http://www.debian.org/security/ Martin Schulze October 27th, 2005 http://www.debian.org/security/faq -...
DSA-875-1 openssl094 - cryptographic weakness
Bulletin has no description...
Mandrake Linux Security Advisory : openssl (MDKSA-2005:179)
Yutaka Oiwa discovered vulnerability potentially affects applications that use the SSL/TLS server implementation provided by OpenSSL. Such applications are affected if they use the option SSLOPMSIESSLV2RSAPADDING. This option is implied by use of SSLOPALL, which is intended to work around various...
CVE-2005-2969
The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to u...
CVE-2005-2969
The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to u...
CVE-2005-2969
The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to u...
CVE-2005-2969
The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to u...
OpenSSL Version Rollback and Weak Cryptographic Algorithm Vulnerabilities
OpenSSL contains vulnerabilities that could allow an unauthenticated, remote attacker to bypass security restrictions. The first vulnerability CVE-2005-2969 affects any application using a SL/TLS server implementation provided by OpenSSL versions 0.9.7g and prior. If these implementations have...
OpenSSL: SSL 2.0 protocol rollback
Background OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Description Applications setting the SSLOPMSIESSLV2RSAPADDING option or the SSLOPALL option, that implies it can be forced by a third-party to...
openssl mitm downgrade attack
The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to u...
Security fix for the ALT Linux 9 package openssl10 version 0.9.7g-alt3
Oct. 11, 2005 Dmitry V. Levin 0.9.7g-alt3 - Applied upstream fix for potential SSL 2.0 rollback during SSL handshake CAN-2005-2969...
Security fix for the ALT Linux 9 package openssl1.1 version 0.9.7g-alt3
Oct. 11, 2005 Dmitry V. Levin 0.9.7g-alt3 - Applied upstream fix for potential SSL 2.0 rollback during SSL handshake CAN-2005-2969...
OpenSSL SSL 2.0 rollback (weak cryptography)
Active man-in-the-middle attacker can force rollback to SSL 2.0 protocol with known cryptographic weakness for both client and server if SSLOPMSIESSLV2RSAPADDING or SSLOPALL configuration option is enabled...