CVE-2014-2897

The SSL 3 HMAC functionality in wolfSSL CyaSSL 2.5.0 before 2.9.4 does not check the padding length when verification fails, which allows remote attackers to have unspecified impact via a crafted HMAC, which triggers an out-of-bounds read...

Security Bulletin: Vulnerabilities in OpenSSL affect Integrated Management Module 2 (IMM2) (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568)

Summary OpenSSL vulnerabilities along with SSL 3 Fallback protection TLSFALLBACKSCSV were disclosed on October 15, 2014 by the OpenSSL Project. OpenSSL is used by Integrated Management Module 2. Integrated Management Module 2 has addressed the applicable CVEs and included the SSL 3.0 Fallback...

Security Bulletin: Vulnerabilities in OpenSSL affect Upward Integration Modules (UIM) (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568)

Summary OpenSSL vulnerabilities along with SSL 3 Fallback protection TLSFALLBACKSCSV were disclosed on October 15, 2014 by the OpenSSL Project. OpenSSL is used by Upward Integration Modules UIM. Upward Integration Modules UIM has addressed the applicableCVEs and included the SSL 3.0 Fallback...

Security Bulletin: Vulnerabilities in OpenSSL affects IBM Chassis Management Module (CMM) (CVE-2014-3567)

Summary OpenSSL vulnerabilities along with SSL 3 Fallback protection TLSFALLBACKSCSV were disclosed on October 15, 2014 by the OpenSSL Project. OpenSSL is used by IBM Chassis Management Module. IBM Chassis Management Module has addressed the applicable CVEsand included the SSL 3.0 Fallback...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Worklight (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568)

Summary OpenSSL vulnerabilities along with SSL 3 Fallback protection TLSFALLBACKSCSV were disclosed on October 15, 2014 by the OpenSSL Project. OpenSSL is used by the optional FIPS 140-2 data-in-motion feature in IBM Worklight. IBM Worklight has addressed the applicable CVEs and included the SSL...

Fedora 20 : nss-3.19.1-1.0.fc20 / nss-softokn-3.19.1-1.0.fc20 / nss-util-3.19.1-1.0.fc20 (2015-9161) (Logjam)

Security fix for CVE-2015-4000 Update to the upstream NSS 3.19.1 release, which includes a fix for the recently published logjam attack. The previous 3.19 release made several notable changes related to the TLS protocol, one of them was to disable the SSL 3 protocol by default. For the full list ...

Fedora 21 : nss-3.19.1-1.0.fc21 / nss-softokn-3.19.1-1.0.fc21 / nss-util-3.19.1-1.0.fc21 (2015-9130) (Logjam)

Security fix for CVE-2015-4000 Update to the upstream NSS 3.19.1 release, which includes a fix for the recently published logjam attack. The previous 3.19 release made several notable changes related to the TLS protocol, one of them was to disable the SSL 3 protocol by default. For the full list ...

Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2011-10) (BEAST)

A flaw was found in the Java RMI Remote Method Invocation registry implementation. A remote RMI client could use this flaw to execute arbitrary code on the RMI server running the registry. CVE-2011-3556 A flaw was found in the Java RMI registry implementation. A remote RMI client could use this...

CentOS Update for java CESA-2011:1380 centos5 x86_64

Check for the Version of java OpenVAS Vulnerability Test CentOS Update for java CESA-2011:1380 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

Mandriva Update for java-1.6.0-openjdk MDVSA-2011:170 (java-1.6.0-openjdk)

Check for the Version of java-1.6.0-openjdk OpenVAS Vulnerability Test Mandriva Update for java-1.6.0-openjdk MDVSA-2011:170 java-1.6.0-openjdk Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2011:170)

Security issues were identified and fixed in openjdk icedtea6 and icedtea-web : IcedTea6 prior to 1.10.4 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking CVE-2011-3547. IcedTea6 prior to 1.10.4 allow...