CVE-2023-48795

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

CVE-2019-6593

On BIG-IP 11.5.1-11.5.4, 11.6.1, and 12.1.0, a virtual server configured with a Client SSL profile may be vulnerable to a chosen ciphertext attack against CBC ciphers. When exploited, this may result in plaintext recovery of encrypted messages through a man-in-the-middle MITM attack, despite the...

SA133 : Sweet32 Birthday Attack against DES, 3DES, and Blowfish

SUMMARY Symantec Network ProtectionSy products that use the DES, 3DES, and Blowfish symmetric encryption ciphers in long-lived encrypted SSL/TLS, SSH, or VPN connections are susceptible to the Sweet32 birthday attack. A remote attacker with the ability to observe a long-lived encrypted connection...

Fedora 19 : Pound-2.6-8.fc19 (2014-13764)

Backport various security fixes. Note they usually are extra options that need to be enabled manually so that we won't break functionality : - CVE-2011-3389: Make it possible to deny use of 'BEAST' vulnerable ciphers - CVE-2012-4929: Disable compression to be safe from 'CRIME' - CVE-2005-2090:...