Cisco ONS 15454 Controller Card Denial of Service Vulnerability

A vulnerability in the TLS/SSLv3 module of the Cisco ONS 15454 Controller Cards could allow an unauthenticated, remote attacker to cause the control card to reset. The vulnerability is due to improper validation of the TLS/SSLv3 packets. An attacker could exploit this vulnerability by sending a...

[SECURITY] [DSA-2141-1] New openssl packages fix protocol design flaw

------------------------------------------------------------------------ Debian Security Advisory DSA-2141-1 [email protected] http://www.debian.org/security/ Stefan Fritsch January 06, 2011 http://www.debian.org/security/faq -...

SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 6655)

The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's modssl was vulnerable to this kind of...

Ubuntu Update for nss vulnerability USN-927-1

Ubuntu Update for Linux kernel vulnerabilities USN-927-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9271.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for nss vulnerability USN-927-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.n...

SUSE: Security Advisory for openssl (SUSE-SA:2009:057)

The remote host is missing updates announced in advisory SUSE-SA:2009:057. Copyright C 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...

SuSE Security Advisory SUSE-SA:2009:057 (openssl)

The remote host is missing updates announced in advisory SUSE-SA:2009:057. OpenVAS Vulnerability Test $Id: susesa2009057.nasl 6668 2017-07-11 13:34:29Z cfischer $ Description: Auto-generated from advisory SUSE-SA:2009:057 openssl Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

openSUSE Security Update : libopenssl-devel (libopenssl-devel-1554)

The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's modssl was vulnerable to this kind of...

SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 6654)

The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's modssl was vulnerable to this kind of...