17 matches found
EUVD-2019-14706
Malware in sbrugna...
EUVD-2019-14707
Malware in sbrugna...
CVE-2019-5101
An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by...
CVE-2019-5102
An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by...
OpenWrt ustream-ssl library information disclosure vulnerability (CNVD-2019-42439)
OpenWrt is a Linux operating system for embedded devices. ustream-ssl is one of the cryptographic libraries. The ustream-ssl library in OpenWrt version 18.06.4 and 15.05.1 is vulnerable to an information disclosure vulnerability that can be exploited by an attacker to attack vulnerable components...
CVE-2019-5102
An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by...
CVE-2019-5102
An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by...
CVE-2019-5101
An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by...
Information disclosure
An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by...
Information disclosure
An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by...
CVE-2019-5102
OpenWrt ustream-ssl information disclosure (CVE-2019-5102) affects OpenWrt 18.06.4 and 15.05.1. The ustream-ssl library does not properly terminate or validate server certificates, allowing a man-in-the-middle to intercept data on the first request despite certificate checks. Talos notes this beh...
CVE-2019-5102
An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by...
CVE-2019-5101
An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by...
CVE-2019-5101
OpenWrt vulnerability CVE-2019-5101 affects the ustream-ssl library (used by tools like wget) in OpenWrt 18.06.4 and 15.05.1. The issue allows information disclosure via MITM because the server certificate is checked but no action is taken for invalid certificates; after SSL initialization and in...
OpenWrt ustream-ssl library information disclosure vulnerability
OpenWrt is a Linux operating system for embedded devices. ustream-ssl is one of the cryptographic libraries. The ustream-ssl library in OpenWrt version 18.06.4 and 15.05.1 is vulnerable to an information disclosure vulnerability that can be exploited by an attacker to obtain sensitive information...
OpenWrt ustream-ssl certificate verification information leak vulnerability
Talos Vulnerability Report TALOS-2019-0893 OpenWrt ustream-ssl certificate verification information leak vulnerability November 15, 2019 CVE Number CVE-2019-5101,CVE-2019-5102 SUMMARY An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and...
PT-2019-5517 · Openwrt · Openwrt
Name of the Vulnerable Software and Affected Versions: OpenWrt versions 15.05.1 through 18.06.4 Description: The issue is related to errors in the certificate authentication procedure of the Ustream-SSL library in OpenWrt. This can be exploited by a remote attacker to perform a man-in-the-middle...