CVE-2011-4746

The billing system for Parallels Plesk Panel 10.3.1build1013110726.09 does not disable the SSL 2.0 protocol, which makes it easier for remote attackers to conduct spoofing attacks by leveraging protocol weaknesses...

MS15-084: Description of the security update for Windows XML core services: August 11, 2015

MS15-084: Description of the security update for Windows XML core services: August 11, 2015 Summary This security update resolves vulnerabilities in Microsoft Windows and Microsoft Office. The vulnerabilities could allow information disclosure by either exposing memory addresses if a user clicks ...

CVE-2015-2476

The WebDAV client in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 supports SSL 2.0, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by...

CVE-2015-2471

Microsoft XML Core Services 3.0, 5.0, and 6.0 supports SSL 2.0, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and conducting a decryption attack, aka "MSXML Information Disclosure Vulnerability," a different vulnerability than...

CVE-2015-2434

Microsoft XML Core Services 3.0 and 5.0 supports SSL 2.0, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and conducting a decryption attack, aka "MSXML Information Disclosure Vulnerability," a different vulnerability than...

Information disclosure

The WebDAV client in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 supports SSL 2.0, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by...

CVE-2015-2476

CVE-2015-2476 affects the WebDAV client in Windows platforms (e.g., Vista SP2, Server 2008 SP2/R2, Windows 7, 8/8.1, Server 2012/R2, Windows RT) where SSL 2.0 is supported. The root cause is the ability for a remote attacker to conduct a decryption attack/Information Disclosure via MITM by downgr...

CVE-2015-2471

CVE-2015-2471 affects Microsoft XML Core Services 3.0, 5.0, and 6.0 which still support SSL 2.0. The root cause is the ability for a remote attacker to perform a decryption attack via SSL 2.0, leading to information disclosure. The connected documents describe the vulnerability and its disclosure...

CVE-2015-2434

The CVE-2015-2434 entry concerns Microsoft XML Core Services 3.0 and 5.0 that support SSL 2.0, which the sources describe as enabling a network-based decryption attack (man-in-the-middle) and thus exposing cryptographic protections. The connected documents corroborate that this vulnerability stem...

CVE-2015-2476

The WebDAV client in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 supports SSL 2.0, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by...

Microsoft Office XML Core Services Information Disclosure Vulnerability (3080129)

This host is missing an important security update according to Microsoft Bulletin MS15-084. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Windows XML Core Services Information Disclosure Vulnerability (3080129)

This host is missing an important security update according to Microsoft Bulletin MS15-084. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft WebDAV Client Information Disclosure Vulnerability (3076949)

This host is missing an important security update according to Microsoft Bulletin MS15-089. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

MS15-084: Vulnerabilities in XML core services could allow information disclosure: August 11, 2015

Resolves vulnerabilities in Windows and Office that could allow information disclosure by either exposing memory addresses if a user clicks a specially crafted link or by explicitly allowing the use of Secure Sockets Layer SSL 2.0.Summary This security update resolves vulnerabilities in Microsoft...

MS15-084: Vulnerabilities in XML Core Services Could Allow Information Disclosure (3080129)

The remote Windows host contains a version of Microsoft XML Core Services MSXML that is affected by multiple information disclosure vulnerabilities : - An information disclosure vulnerability exists in XML Core Services MSXML due to the use of Secure Sockets Layer SSL 2.0. A man-in-the-middle...

X (Formerly Twitter): Twitter Flight SSL 2.0 deprecated protocol vulnerability.

Twitterflight.com From Twitter Inc..I just checked it with whois Website service encrypts traffic using an old deprecated protocol with known weakness wich is obsolete and insecure, you should disable it. POC in the attachments...

openSUSE Security Update : nss-201112 (openSUSE-SU-2012:0030-1) (BEAST)

The Mozilla NSS libraries were updated to version 3.13.1 to fix various bugs and security problems. Following security issues were fixed : - SSL 2.0 is disabled by default - A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext attack demonstrated by Rizzo and Duong CVE-2011-3389 is...

openSUSE Security Update : mozilla-nss (openSUSE-2011-100) (BEAST)

Added a patch to fix errors in the pkcs11n.h header file. bmo702090 - update to 3.13.1 RTM - better SHA-224 support bmo647706 - fixed a regression causing hangs in some situations introduced in 3.13 bmo693228 - update to 3.13.0 RTM - SSL 2.0 is disabled by default - A defense against the SSL 3.0...

Slackware Advisory SSA:2005-286-01 OpenSSL

The remote host is missing an update as announced via advisory SSA:2005-286-01. OpenVAS Vulnerability Test $Id: esoftslkssa200528601.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

Slackware: Security Advisory (SSA:2005-286-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...