MiracleLinux 4 : curl-7.19.7-46.AXS4 (AXSA:2015-432:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-432:02 advisory. cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS, DICT, TELNET and TFTP servers, using any of the supported protocols. cURL is...

EUVD-2014-6062

Malware in sbrugna...

EUVD-2015-4104

Malware in sbrugna...

EUVD-2013-6505

Malware in sbrugna...

EUVD-2016-4752

Malware in sbrugna...

EUVD-2019-6636

Malware in sbrugna...

wget security update

1.19.5-12.0.1 - SSLv3 support dropped from openssl, v3 test certificates need to be replaced Orabug: 29613455 1.19.5-12 - Resolves: RHEL-43559 - Misinterpretation of input may lead to improper behavior...

Oracle Linux 8 : wget (ELSA-2024-5299)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-5299 advisory. 1.19.5-12.0.1 - SSLv3 support dropped from openssl, v3 test certificates need to be replaced Orabug: 29613455 1.19.5-12 - Resolves: RHEL-43559 - Misinterpretati...

CVE-2024-0323

The FTP server used on the B&R Automation Runtime supports unsecure encryption mechanisms, such as SSLv3, TLSv1.0 and TLS1.1. An network-based attacker can exploit the flaws to conduct man-in-the-middle attacks or to decrypt communications between the affected product clients...

Design/Logic Flaw

Use of a Broken or Risky Cryptographic Algorithm vulnerability in B&R Industrial Automation Automation Runtime SDM modules. The FTP server used on the B&R Automation Runtime supports unsecure encryption mechanisms, such as SSLv3, TLSv1.0 and TLS1.1. An network-based attacker can exploit the flaws...

CVE-2024-0323 FTP uses unsecure encryption mechanisms

The FTP server used on the B&R Automation Runtime supports unsecure encryption mechanisms, such as SSLv3, TLSv1.0 and TLS1.1. An network-based attacker can exploit the flaws to conduct man-in-the-middle attacks or to decrypt communications between the affected product clients...

CVE-2024-0323

The CVE-2024-0323 entry affects the B&R Automation Runtime FTP server, where the FTP service supports insecure encryption mechanisms (SSLv3, TLS 1.0, TLS 1.1). Affected product: B&R Automation Runtime (FTP server). Documented impact: network-based attacker can perform man-in-the-middle attacks or...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Content Manager Enterprise Edition (CVE-2014-3566, CVE-2014-6457, CVE-2014-6468)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 5 and 7 that is used by Content Manager Enterprise Edition. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability CVE-2014-3566. These were...

Error "Enabling of SSLv3 is not supported on this platform" when enable SSLv3 in MPX 9110

Navigate to Traffic Management Load Balancing Virtual Servers , 2. Select and edit the SSL Virtual Server; 3. Click SSL Parameters , 4. Check SSLv3 option, 5. Error prompt: "Enabling of SSLv3 is not supported on this platform"...

Rockwell Automation Stratix SSL Padding Oracle On Downgraded Legacy Encryption (CVE-2014-3566)

A vulnerability was publicly announced in the SSLv3 protocol when using a block cipher in CBC mode. The vulnerability exists because the block cipher padding is not covered by the message authentication code and exposes users to a potential man-in-the-middle attack that relies on padding oracles...

Security Bulletin: Vulnerability in SSLv3 affects IBM BladeCenter Advanced Management Module (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. Vulnerability Details Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack...

Security Bulletin: Vulnerabilities in SSLv3 and GNU C library (glibc) affect multiple products shipped with Intelligent Cluster (CVE-2014-3566, CVE-2015-0235)

Summary Information about security vulnerabilities affecting multiple products shipped as components of Intelligent Cluster has been published in security bulletins. The SSLv3 vulnerability CVE-2014-3566 is referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. The GNU C...

Security Bulletin: Vulnerability in NSS affects SAN Volume Controller and Storwize Family (CVE-2014-3566)

Summary There is a security vulnerability in NSS that is used by SAN Volume Controller and Storwize Family. Vulnerability Details CVE-ID : CVE-2014-3566 DESCRIPTION : Description: Multiple products could allow a remote attacker to obtain sensitive information, caused by a design error when using...

Security Bulletin: Vulnerability in SSLv3 and OpenSSL affect SAN Volume Controller and Storwize Family (CVE-2014-3566 CVE-2014-3567)

Summary Security Bulletin: Vulnerabilities in Bash affect SAN Volume Controller and Storwize Family CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278 Vulnerability Details Security Bulletin --- Summary --- There are security vulnerabilities in SSLv3 that is...

Security Bulletin: Vulnerability in SSLv3 affects TS2900 (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in TS2900. Vulnerability Details CVE-ID : CVE-2014-3566 DESCRIPTION : Product could allow a remote attacker to obtain sensitive information, cause...