Lucene search
+L

44 matches found

UbuntuCve
UbuntuCve
added 2005/10/18 9:2 p.m.39 views

CVE-2005-2969

The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to u...

5CVSS6.6AI score0.04866EPSS
Exploits0References2
Cvelist
Cvelist
added 2005/10/18 4:0 a.m.23 views

CVE-2005-2969

The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to u...

5.5AI score0.04866EPSS
Exploits0References74
Cisco
Cisco
added 2005/10/12 3:54 p.m.50 views

OpenSSL Version Rollback and Weak Cryptographic Algorithm Vulnerabilities

OpenSSL contains vulnerabilities that could allow an unauthenticated, remote attacker to bypass security restrictions. The first vulnerability CVE-2005-2969 affects any application using a SL/TLS server implementation provided by OpenSSL versions 0.9.7g and prior. If these implementations have...

5CVSS2.6AI score0.04866EPSS
Exploits0References1Affected Software7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2005/10/11 12:0 a.m.39 views

JVN#23632449: OpenSSL version rollback vulnerability

Impact When performing communication through a path controlled by an attacker using OpenSSL, the attacker conducting a man-in-the-middle MITM attack can force a client and a server to negotiate the SSL 2.0 protocol even if these parties both support SSL 3.0 or TLS 1.0 to intercept or alter data...

5CVSS5.5AI score0.04866EPSS
Exploits0
Rows per page
Query Builder