71 matches found
Security update for openldap2 (important)
This update fixes the following security issues: - CVE-2015-6908: The bergetnext function allowed remote attackers to cause a denial of service reachable assertion and application crash via crafted BER data, as demonstrated by an attack against slapd. bsc945582 - CVE-2015-4000: Fix weak...
SUSE SLED12 / SLES12 Security Update : openldap2 (SUSE-SU-2016:0224-1) (Logjam)
This update fixes the following security issues : - CVE-2015-6908: The bergetnext function allowed remote attackers to cause a denial of service reachable assertion and application crash via crafted BER data, as demonstrated by an attack against slapd. bsc945582 - CVE-2015-4000: Fix weak...
SUSE-SU-2016:0224-1 Security update for openldap2
This update fixes the following security issues: - CVE-2015-6908: The bergetnext function allowed remote attackers to cause a denial of service reachable assertion and application crash via crafted BER data, as demonstrated by an attack against slapd. bsc945582 - CVE-2015-4000: Fix weak...
How to Generate SHA2 CSR on NetScaler Using OpenSSL
This article describes how to generate SHA2 Certificate Signing Request CSR on NetScaler using OpenSSL. Background Currently there is no option to create SHA2 CSR from NetScaler GUI however you can leverage the OpenSSL commands for creating SHA2 CSR from NetScaler...
OracleVM 3.2 : onpenssl (OVMSA-2014-0008)
The remote OracleVM system is missing necessary patches to address critical security updates : - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability - replace expired GlobalSign Root CA certificate in ca-bundle.crt - fix for CVE-2013-0169 - SSL/TLS CBC timing attack 907589 - fix for CVE-2013-0166 ...
OracleVM 2.2 : openssl (OVMSA-2014-0007)
The remote OracleVM system is missing necessary patches to address critical security updates : - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability - replace expired GlobalSign Root CA certificate in ca-bundle.crt - fix for CVE-2013-0169 - SSL/TLS CBC timing attack 907589 - fix for CVE-2013-0166 ...
Audit Project Released Verified Repositories of TrueCrypt 7.1a
As the uncertainty surrounding the end of TrueCrypt continues, members of the security community are working to preserve a known-good archive of the last version of the open source encryption software released before the developers inserted a warning about potential unfixed bugs in the software a...
February 2014 Microsoft Patch Tuesday Security Bulletins
February’s Microsoft Patch Tuesday promises to be a relatively straightforward set of bulletins, but more noteworthy is that it’s the same day Microsoft officially deprecates the MD5 hash algorithm. Announced last August, Microsoft will officially restrict the use of digital certificates with MD5...
openssh security, bug fix, and enhancement update
5.3p1-94 - use dracut-fips package to determine if a FIPS module is installed 1001565 5.3p1-93 - use dist tag in suffixes for hmac checksum files 1001565 5.3p1-92 - use hmacsuffix for ssh,d hmac checksums 1001565 5.3p1-91 - fix NSS keys support 1004763 5.3p1-90 - change default value of MaxStartu...
NetBSD SHA2实现存在缓冲区溢出漏洞
Bugraq ID: 35853 NetBSD是一款基于BSD的操作系统。 NetBSD SHA2实现存在边界错误,本地攻击者可以利用漏洞触发缓冲区溢出,可能以应用程序权限执行任意指令。 程序使用sys/sha2.h中的SHA2实现,链接libcrypto库可被4或者8个字节的固定内容溢出。溢出发生于HASH INIT函数调用过程中如SHA256Init,init函数传递错误的上下文大小作为memset参数,可在之后的拷贝过程中覆盖缓冲区之后的4 字节内容。 NetBSD NetBSD 4.0.2 NetBSD NetBSD 4.0.1 NetBSD NetBSD 5.0 NetBSD...
WSDCFE_SHA2_PreReq_Svr2008 SP2
SHA2 detectoid for Server 2008 SP2...