Lucene search
K

7 matches found

OpenVAS
OpenVAS
added 2020/09/29 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2020-2076)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.5AI score0.98685EPSS
Exploits0References2
Veracode
Veracode
added 2017/02/10 1:27 a.m.43 views

Brute Force Decryption

OpenSSL is vulnerable to brute-force decryption attacks and RSA-to-EXPORTRSA downgrade attacks. These attacks are possible through the ssl3getkeyexchange function which offers a weak ephemeral RSA key in a noncompliant role, related to the "FREAK" issue...

4.3CVSS5.9AI score0.98685EPSS
Exploits0References68Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/01/16 12:0 a.m.55 views

OpenSSL 0.9.8 < 0.9.8zd Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 0.9.8zd. It is, therefore, affected by multiple vulnerabilities as referenced in the 0.9.8zd advisory. - The BNsqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the...

5CVSS7.5AI score0.98685EPSS
Exploits0References13
CVE
CVE
added 2015/01/09 2:0 a.m.557 views

CVE-2015-0204

CVE-2015-0204 affects OpenSSL client code and enables a Man‑in‑the‑Middle downgrade attack (FREAK) by negotiating an export‑grade RSA key. Affected OpenSSL versions: 0.9.8z d and earlier; 1.0.0 up to but not including 1.0.0p; 1.0.1 up to but not including 1.0.1k. The vulnerability allows brute‑fo...

4.3CVSS6.5AI score0.98685EPSS
Exploits0References66Affected Software1
Cvelist
Cvelist
added 2015/01/09 2:0 a.m.27 views

CVE-2015-0204

The ssl3getkeyexchange function in s3clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORTRSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to...

6.5AI score0.98685EPSS
Exploits0References66
Debian CVE
Debian CVE
added 2015/01/09 2:0 a.m.62 views

CVE-2015-0204

The ssl3getkeyexchange function in s3clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORTRSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to...

4.3CVSS6.5AI score0.98685EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2015/01/08 12:0 a.m.105 views

CVE-2015-0204

The ssl3getkeyexchange function in s3clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORTRSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to...

4.3CVSS7AI score0.98685EPSS
Exploits0References2
Rows per page
Query Builder