29 matches found
EUVD-2009-5074
Malware in sbrugna...
EUVD-2011-2981
Malware in sbrugna...
EUVD-2012-4530
Malware in sbrugna...
EUVD-2013-2956
Malware in sbrugna...
EUVD-2014-5998
Malware in sbrugna...
CVE-2009-5119
The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 enables weak SSL ciphers in conf/server.xml, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then conducting a brute-force attack...
RUSTSEC-2022-0026 Incorrect MAC key used in the RC4-MD5 ciphersuite
The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacker could exploit this issue by performing a man-in-the-middle attack to modify data being sent from one endpoint to an OpenSSL 3.0 recipie...
CVE-2013-3017
IBM Tivoli Application Dependency Discovery Manager TADDM before 7.2.1.5 and 7.2.x before 7.2.2 make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging support for weak SSL ciphers. IBM X-Force ID: 84353...
Security Bulletin: Incorrect SSL protocol variant in SCA HTTP binding affecting WebSphere Enterprise Service Bus, WebSphere Process Server and IBM Business Process Manager Advanced (CVE-2014-6176)
Summary The HTTP import binding in an SCA module can be configured with a reference to a SSL configuration that exists on the application server. The HTTP binding uses always the SSLv3 protocol variant regardless of the SSL protocol setting in the referenced SSL configuration. Vulnerability Detai...
IBM Tivoli Identity Manager and Security Identity Manager Information Disclosure Vulnerability (CNVD-2018-08707)
IBM Tivoli Identity Manager and Security Identity Manager are both products of IBM Corporation of the U.S.A. IBM Tivoli Identity Manager is a suite of identity management software used to manage user rights across heterogeneous IT resources.Security Identity Security Identity Manager is an identi...
CVE-2014-6112
IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and Security Identity Manager 6.0.x before 6.0.0.4-ISS-SIM-IF0001 and 7.0.x before 7.0.0.0-ISS-SIM-IF0003 make it easier for remote attackers to obtain sensitive information by leveraging support for weak SSL ciphers. IBM X-Force ID...
EulerOS 2.0 SP2 : openssl098e (EulerOS-SA-2017-1039)
According to the versions of the openssl098e package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The BNbn2dec function in crypto/bn/bnprint.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote...
Gratipay: bring grtp.co up to A grade on SSLLabs
Issues at https://grtp.co/ reference for Weak SSL Ciphers:https://www.owasp.org/index.php/TestingforWeakSSL/TLSCiphers,InsufficientTransportLayerProtectionOTG-CRYPST-001 Weak SSL Ciphers supported at port 443: TLS 1.0: TLSECDHERSAWITH3DESEDECBCSHA ec 256 - C TLSDHERSAWITH3DESEDECBCSHA dh 1024 - D...
Mandriva Linux Security Advisory : ejabberd (MDVSA-2014:005)
A vulnerability has been discovered and corrected in ejabberd : The TLS driver in ejabberd before 2.1.12 supports 1 SSLv2 and 2 weak SSL ciphers, which makes it easier for remote attackers to obtain sensitive information via a brute-force attack CVE-2013-6169. The updated packages have been...
CVE-2013-4508
lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, which makes it easier for remote attackers to hijack sessions by inserting packets into the client-server data stream or obtain sensitive information by sniffing the network...
CVE-2013-4508
lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, which makes it easier for remote attackers to hijack sessions by inserting packets into the client-server data stream or obtain sensitive information by sniffing the network...
Information disclosure
The TLS driver in ejabberd before 2.1.12 supports 1 SSLv2 and 2 weak SSL ciphers, which makes it easier for remote attackers to obtain sensitive information via a brute-force attack...
CVE-2013-6169
The TLS driver in ejabberd before 2.1.12 supports 1 SSLv2 and 2 weak SSL ciphers, which makes it easier for remote attackers to obtain sensitive information via a brute-force attack...
CVE-2012-4605
The default configuration of the SMTP component in Websense Email Security 6.1 through 7.3 enables weak SSL ciphers in the "SurfControl plc\SuperScout Email Filter\SMTP" registry key, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then...
Default configuration
The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 enables weak SSL ciphers in conf/server.xml, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then conducting a brute-force attack...