Lucene search
K

4 matches found

Prion
Prion
added 2013/03/20 4:55 p.m.20 views

Code injection

Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet Enterprise 2.7.x before 2.7.2, does not properly negotiate the SSL protocol between client and master, which allows remote attackers to conduct SSLv2 downgrade attacks against SSLv3 sessions via unspecified vectors...

5CVSS7AI score0.02947EPSS
Exploits0References8Affected Software3
Cvelist
Cvelist
added 2013/03/20 4:0 p.m.27 views

CVE-2013-1654

Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet Enterprise 2.7.x before 2.7.2, does not properly negotiate the SSL protocol between client and master, which allows remote attackers to conduct SSLv2 downgrade attacks against SSLv3 sessions via unspecified vectors...

6.3AI score0.02947EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2013/03/20 4:0 p.m.24 views

CVE-2013-1654

Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet Enterprise 2.7.x before 2.7.2, does not properly negotiate the SSL protocol between client and master, which allows remote attackers to conduct SSLv2 downgrade attacks against SSLv3 sessions via unspecified vectors...

5CVSS6.3AI score0.02947EPSS
Exploits0
CVE
CVE
added 2013/01/09 6:0 p.m.163 views

CVE-2013-0013

The CVE-2013-0013 issue affects the Windows SSL/TLS stack: multiple Windows versions (Vista SP2, Server 2008 SP2/R2 and SP1, Windows 7, 8, Server 2012, Windows RT) have a flaw in the SSL provider that mishandles encrypted packets, enabling a man-in-the-middle to downgrade SSLv2 and intercept hand...

5.8CVSS6.3AI score0.06351EPSS
Exploits0References3Affected Software6
Rows per page
Query Builder