SSH-Weak-DH - SSH Weak Diffie-Hellman Group Identification Tool

This tool establishes SSH connections to a server, thereby enumerating through various client configurations, in order to determine whether the server allows a Diffie-Hellman DH key exchange based on a weak group. We hope that our tool will be useful to check SSH servers for weak DH key exchange...

SUSE SLES11 Security Update : openssl (SUSE-SU-2016:1290-1)

This update for openssl fixes the following issues : Security issues fixed : - CVE-2016-2108: Memory corruption in the ASN.1 encoder bsc977617 - CVE-2016-2105: EVPEncodeUpdate overflow bsc977614 - CVE-2016-2106: EVPEncryptUpdate overflow bsc977615 - CVE-2016-2109: ASN.1 BIO excessive memory...

SUSE-SU-2016:1290-1 Security update for openssl

This update for openssl fixes the following issues: Security issues fixed: - CVE-2016-2108: Memory corruption in the ASN.1 encoder bsc977617 - CVE-2016-2105: EVPEncodeUpdate overflow bsc977614 - CVE-2016-2106: EVPEncryptUpdate overflow bsc977615 - CVE-2016-2109: ASN.1 BIO excessive memory...

Mike Mimoso and Chris Brook Discuss the Latest Xen Vulnerability, CISA Passing the Senate, and More

Mike Mimoso and Chris Brook discuss the news of the week: The latest Xen vulnerability, CISA passing the Senate, a researcher challenging that Weak DH paper, and more. Download: newswrap10-30-15.mp3 Music by Chris Gonsalves...

SUSE-SU-2015:1840-1 Security update for openssh

openssh was updated to fix four security issues. These security issues were fixed: - CVE-2015-5352: The x11openhelper function in channels.c in ssh in OpenSSH when ForwardX11Trusted mode is not used, lacked a check of the refusal deadline for X connections, which made it easier for remote attacke...

SUSE-SU-2015:1581-1 Security update for openssh

openssh was updated to fix several security issues and bugs. These security issues were fixed: CVE-2015-5352: The x11openhelper function in channels.c in ssh in OpenSSH when ForwardX11Trusted mode is not used, lacked a check of the refusal deadline for X connections, which made it easier for remo...

Scientific Linux Security Update : openssl on SL5.x i386/x86_64 (20150630) (Logjam)

An out-of-bounds read flaw was found in the X509cmptime function of OpenSSL. A specially crafted X.509 certificate or a Certificate Revocation List CRL could possibly cause a TLS/SSL server or client using OpenSSL to crash. CVE-2015-1789 A NULL pointer dereference was found in the way OpenSSL...

nss: Do not allow p-1 as a public DH value (MFSA 2014-12)

It was found that NSS accepted weak Diffie-Hellman Key exchange DHKE parameters. This could possibly lead to weak encryption being used in communication between the client and the server...