Lucene search
K

30 matches found

Hacker One
Hacker One
added 2015/02/25 7:49 a.m.114 views

Mail.ru: scfbp.tng.mail.ru: Heartbleed

MacBook-Pro-Kirill:Pentest isox$ python heartbleed.py scfbp.tng.mail.ru defribulator v1.16 A tool to test and exploit the TLS heartbeat vulnerability aka heartbleed CVE-2014-0160 Connecting to: scfbp.tng.mail.ru:443, 1 times Sending Client Hello for TLSv1.0 Received Server Hello for TLSv1.0...

5CVSS7.7AI score0.99999EPSS
Exploits88
Tenable Nessus
Tenable Nessus
added 2014/10/17 12:0 a.m.270 views

Oracle Linux 6 / 7 : openssl (ELSA-2014-1652)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1652 advisory. - fix CVE-2014-3567 - memory leak when handling session tickets - fix CVE-2014-3513 - memory leak in srtp support - add support for fallback SCSV t...

7.5CVSS8AI score0.99999EPSS
Exploits106References3
Tenable Nessus
Tenable Nessus
added 2014/08/06 12:0 a.m.150 views

HP Version Control Repository Manager (VCRM) Heartbeat Information Disclosure (Heartbleed)

The HP Version Control Repository Manager VCRM install on the remote Windows host is version 7.2.0, 7.2.1, 7.2.2, 7.3.0, or 7.3.1. It is, therefore, affected by an information disclosure vulnerability. An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS...

7.5CVSS8AI score0.99999EPSS
Exploits88References6
Tenable Nessus
Tenable Nessus
added 2014/08/06 12:0 a.m.285 views

HP Version Control Agent (VCA) Heartbeat Information Disclosure (Heartbleed)

The RPM installation of HP Version Control Agent VCA on the remote Linux host is version 7.2.2, 7.3.0, or 7.3.1. It is, therefore, affected by an information disclosure vulnerability. An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions...

7.5CVSS7.9AI score0.99999EPSS
Exploits88References6
Tenable Nessus
Tenable Nessus
added 2014/08/06 12:0 a.m.199 views

HP Version Control Agent (VCA) Heartbeat Information Disclosure (Heartbleed)

The RPM installation of HP Version Control Agent VCA on the remote Linux host is version 7.2.2, 7.3.0, or 7.3.1. It is, therefore, affected by an information disclosure vulnerability. An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions...

7.5CVSS7.9AI score0.99999EPSS
Exploits88References6
Tenable Nessus
Tenable Nessus
added 2014/07/08 12:0 a.m.470 views

Kerio Connect 8.2.x < 8.2.4 Heartbeat Information Disclosure (Heartbleed)

According to its banner, the remote host is running a version of Kerio Connect formerly Kerio MailServer version 8.2.x prior to 8.2.4. It is, therefore, affected by an out-of-bounds read error, known as the 'Heartbleed Bug' in the included OpenSSL version. This error is related to handling TLS...

7.5CVSS8.1AI score0.99999EPSS
Exploits88References7
Tenable Nessus
Tenable Nessus
added 2014/07/07 12:0 a.m.84 views

Triangle MicroWorks SCADA Data Gateway < 3.3.729 Heartbeat Information Disclosure (Heartbleed)

Binary data scadatrianglegateway33729.nbin...

7.5CVSS7.3AI score0.99999EPSS
Exploits88References6
Tenable Nessus
Tenable Nessus
added 2014/05/27 12:0 a.m.583 views

Attachmate Reflection X Heartbeat Information Disclosure (Heartbleed)

The Attachmate Reflection X install on the remote host is affected by an out-of-bounds read error, known as the 'Heartbleed Bug' in the included OpenSSL version. This error is related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary...

7.5CVSS8AI score0.99999EPSS
Exploits88References7
Tenable Nessus
Tenable Nessus
added 2014/05/16 12:0 a.m.92 views

Blue Coat ProxyAV 3.5.1.1 - 3.5.1.6 Heartbeat Information Disclosure (Heartbleed)

According to its self-reported version number, the firmware installed on the remote host is affected by an information disclosure vulnerability. An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain...

7.5CVSS8AI score0.99999EPSS
Exploits88References6
Tenable Nessus
Tenable Nessus
added 2014/05/12 12:0 a.m.210 views

Symantec Endpoint Protection Manager < 12.1 RU4 MP1a OpenSSL Heartbeat Information Disclosure (Heartbleed)

According to its self-reported version number, the version of Symantec Endpoint Protection Manager SEPM installed on the remote host is affected by an out-of-bounds read error, known as the 'Heartbleed Bug' in the included OpenSSL version. This error is related to handling TLS heartbeat extension...

7.5CVSS8AI score0.99999EPSS
Exploits88References6
ThreatPost
ThreatPost
added 2014/05/09 9:56 a.m.11 views

Digi International Gateways Vulnerable to Heartbleed

Wireless Web mesh gateways used everywhere from industrial control environments to home area networks are vulnerable to the Heartbleed OpenSSL vulnerability. The Industrial Control System Computer Emergency Response Team ICS-CERT issued an advisory Thursday warning SCADA and ICS managers with Dig...

7.2AI score
Exploits0References8
securityvulns
securityvulns
added 2014/05/04 12:0 a.m.165 views

APPLE-SA-2014-04-22-4 AirPort Base Station Firmware Update 7.7.3

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-04-22-4 AirPort Base Station Firmware Update 7.7.3 AirPort Base Station Firmware Update 7.7.3 is now available and addresses the following: Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An...

5CVSS7.5AI score0.99999EPSS
Exploits88
Tenable Nessus
Tenable Nessus
added 2014/05/02 12:0 a.m.123 views

McAfee Firewall Enterprise OpenSSL Information Disclosure (SB10071) (Heartbleed)

The remote host has a version of McAfee Firewall Enterprise installed that is affected by an out-of-bounds read error, known as Heartbleed, in the TLS/DTLS implementation due to improper handling of TLS heartbeat extension packets. A remote attacker, using crafted packets, can trigger a buffer...

7.5CVSS8.3AI score0.99999EPSS
Exploits88References6
Tenable Nessus
Tenable Nessus
added 2014/04/30 12:0 a.m.272 views

Fedora 20 : stunnel-5.01-1.fc20 (2014-5321)

New upstream release Supports OpenSSL DLLs 1.0.1g. Fixes to take care of OpenSSL,s TLS heartbeat read overrun CVE-2014-0160. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean an...

7.5CVSS8AI score0.99999EPSS
Exploits88References1
Tenable Nessus
Tenable Nessus
added 2014/04/30 12:0 a.m.43 views

Fedora 19 : stunnel-5.01-1.fc19 (2014-5337)

New upstream release with following important changes : Supports OpenSSL DLLs 1.0.1g. Fixes to take care of OpenSSL's TLS heartbeat read overrun CVE-2014-0160. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...

7.5CVSS8AI score0.99999EPSS
Exploits88References1
Tenable Nessus
Tenable Nessus
added 2014/04/29 12:0 a.m.56 views

BlackBerry Enterprise Service Information Disclosure (KB35882) (Heartbleed)

The BlackBerry Enterprise Service BES install on the remote host is affected by an out-of-bounds read error, known as the 'Heartbleed Bug' in the included OpenSSL version. This error is related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such ...

7.5CVSS8AI score0.99999EPSS
Exploits88References6
Packet Storm
Packet Storm
added 2014/04/24 12:0 a.m.274 views

Heartbleed OpenSSL Information Leak Proof Of Concept

/ CVE-2014-0160 heartbleed OpenSSL information leak exploit ========================================================= This exploit uses OpenSSL to create an encrypted connection and trigger the heartbleed leak. The leaked information is returned within encrypted SSL packets and is then decrypted...

5CVSS8.2AI score0.99999EPSS
Exploits88
Tenable Nessus
Tenable Nessus
added 2014/04/21 12:0 a.m.45 views

VMware Player 6.x < 6.0.2 OpenSSL Library Multiple Vulnerabilities (VMSA-2014-0004) (Linux) (Heartbleed)

The installed version of VMware Player 6.x running on Linux is prior to 6.0.2. It is, therefore, reportedly affected by the following vulnerabilities in the OpenSSL library : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow...

7.5CVSS7.8AI score0.99999EPSS
Exploits89References8
Tenable Nessus
Tenable Nessus
added 2014/04/11 12:0 a.m.70 views

AIX OpenSSL Advisory : openssl_advisory7.doc (Heartbleed)

The version of OpenSSL running on the remote host is affected by an information disclosure vulnerability. OpenSSL incorrectly handles memory in the TLS heartbeat extension, potentially allowing a remote attacker to read the contents of up to 64KB of server memory, potentially exposing passwords,...

7.5CVSS8.1AI score0.99999EPSS
Exploits88References5
0day.today
0day.today
added 2014/04/09 12:0 a.m.159 views

OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS versions)

Exploit for multiple platform in category remote exploits Exploit Title: OpenSSL TLS Heartbeat Extension - Memory Disclosure - Multiple SSL/TLS versions Date: 2014-04-09 Exploit Author: Csaba Fitzl Vendor Homepage: http://www.openssl.org/ Software Link:...

5CVSS8.2AI score0.99999EPSS
Exploits88
Rows per page
Query Builder