ssl tls software vulnerabilities
vulnerabilities.aspcode.net
Searching ssl tls software vulnerabilities
Microsoft Internet Explorer 6.0, when handling
man-in-the-middle
|
certificate
|
webserver's
|
handshake
|
searching
|
attackers
|
Microsoft
|
handling
|
Explorer
|
Internet
|
perform
|
expired
|
CA-CERT
|
SSL/TLS
|
finding
|
before
|
during
|
attack
|
prompt
|
chain
|
allow
|
newer
|
which
|
does
|
user
|
not
|
may
|
Microsoft Internet Explorer 6.0, when handling an expired CA-CERT in a webserver's certificate chain during a SSL/TLS handshake, does not prompt the user before searching for and finding a newer certificate, which may allow attackers to perform a man-in-the-middle attack. NOTE: it is not clear whether this poses a vulnerability.
The SSL and TLS components for OpenSSL 0.9.6i a
components
|
OpenSSL
|
earlier
|
096i
|
TLS
|
SSL
|
The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the "Klima-Pokorny-Rosa attack."
The do_change_cipher_spec function in OpenSSL 0
do_change_cipher_spec
|
attackers
|
function
|
service
|
OpenSSL
|
allows
|
remote
|
denial
|
cause
|
096k
|
096c
|
097c
|
097a
|
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
The SSL/TLS handshaking code in OpenSSL 0.9.7a,
ciphersuites
|
handshaking
|
handshake
|
attackers
|
Kerberos
|
properly
|
tickets
|
OpenSSL
|
service
|
SSL/TLS
|
during
|
length
|
allows
|
remote
|
denial
|
which
|
cause
|
check
|
using
|
097c
|
097a
|
does
|
code
|
097b
|
not
|
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
Stack-based buffer overflow in the ssl_util_uue
ssl_util_uuencode_binary
|
certificate
|
Stack-based
|
configured
|
arbitrary
|
attackers
|
ssl_utilc
|
overflow
|
function
|
subject
|
execute
|
mod_ssl
|
issuing
|
Apache
|
buffer
|
client
|
remote
|
allow
|
trust
|
code
|
long
|
may
|
via
|
Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.
Java Secure Socket Extension (JSSE) 1.0.3 throu
Extension
|
Socket
|
Secure
|
Java
|
Java Secure Socket Extension (JSSE) 1.0.3 through 1.0.3_2 does not properly validate the certificate chain of a client or server, which allows remote attackers to falsely authenticate peers for SSL/TLS.
pam_ldap and nss_ldap, when used with OpenLDAP
connecting
|
subsequent
|
connection
|
cleartext
|
attackers
|
pam_ldap
|
nss_ldap
|
password
|
referred
|
OpenLDAP
|
client
|
master
|
allows
|
remote
|
sniff
|
cause
|
slave
|
using
|
which
|
used
|
sent
|
does
|
use
|
not
|
may
|
TLS
|
pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, does not use TLS for the subsequent connection if the client is referred to a master, which may cause a password to be sent in cleartext and allows remote attackers to sniff the password.
The SSL/TLS server implementation in OpenSSL 0.
implementation
|
OpenSSL
|
SSL/TLS
|
server
|
The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack.
mod_ssl in Apache 2.0 up to 2.0.55, when config
mod_ssl
|
Apache
|
mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.
TLS handshakes in Tor before 0.1.1.20 generate
handshakes
|
before
|
Tor
|
TLS
|
TLS handshakes in Tor before 0.1.1.20 generate public-private keys based on TLS context rather than the connection, which makes it easier for remote attackers to conduct brute force attacks on the encryption keys.
Mozilla Network Security Service (NSS) library
Security
|
Service
|
Mozilla
|
Network
|
Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates, a similar vulnerability to CVE-2006-4339. NOTE: on Tuesday, November 07, 2006, Mozilla released an advisory stating that these versions were not completely patched by MFSA2006-60. The newer fixes for 1.5.0.7 are covered by CVE-2006-5462.
The Kernel SSL Proxy service (svc:/network/ssl/
service
|
Kernel
|
Proxy
|
SSL
|
The Kernel SSL Proxy service (svc:/network/ssl/proxy) in Sun Solaris 10 before Tuesday, September 26, 2006 allows remote attackers to cause a denial of service (system crash) via unspecified vectors related to an SSL client.
Mozilla Network Security Service (NSS) library
Security
|
Service
|
Mozilla
|
Network
|
Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates. NOTE: this identifier is for unpatched product versions that were originally intended to be addressed by CVE-2006-4340.
The Cisco Security Monitoring, Analysis and Res
Monitoring
|
Analysis
|
Response
|
Security
|
System
|
Cisco
|
The Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.3 and Adaptive Security Device Manager (ASDM) before 5.2(2.54) do not validate the SSL/TLS certificates or SSH public keys when connecting to devices, which allows remote attackers to spoof those devices to obtain sensitive information or generate incorrect information.
The Terminal Server in Microsoft Windows 2003 S
Microsoft
|
Terminal
|
Windows
|
Server
|
The Terminal Server in Microsoft Windows 2003 Server, when using TLS, allows remote attackers to bypass SSL and self-signed certificate requirements, downgrade the server security, and possibly conduct man-in-the-middle attacks via unspecified vectors, as demonstrated using the Remote Desktop Protocol (RDP) 6.0 client. NOTE: a third party claims that the vendor may have fixed this in approximately 2006.
Mail Notification 4.0, when WITH_SSL is set to
Notification
|
connections
|
unencrypted
|
information
|
configured
|
sensitive
|
attackers
|
accounts
|
WITH_SSL
|
sniffing
|
network
|
SSL/TLS
|
compile
|
remote
|
obtain
|
allows
|
which
|
uses
|
time
|
Mail
|
set
|
Mail Notification 4.0, when WITH_SSL is set to 0 at compile time, uses unencrypted connections for accounts configured with SSL/TLS, which allows remote attackers to obtain sensitive information by sniffing the network.
libcurl 7.14.0 through 7.16.3, when built with
libcurl
|
libcurl 7.14.0 through 7.16.3, when built with GnuTLS support, does not check SSL/TLS certificate expiration or activation dates, which allows remote attackers to bypass certain access restrictions.
The Java Secure Socket Extension (JSSE) in Sun
Extension
|
Socket
|
Secure
|
Java
|
The Java Secure Socket Extension (JSSE) in Sun JDK and JRE 6 Update 1 and earlier, JDK and JRE 5.0 Updates 7 through 11, and SDK and JRE 1.4.2_11 through 1.2.2_14, when using JSSE for SSL/TLS support, allows remote attackers to cause a denial of service (CPU consumption) via certain SSL/TLS handshake requests.
Mozilla Firefox 2.0.x can automatically install
automatically
|
certificates
|
interaction
|
activities
|
requesting
|
requested
|
Mozilla
|
minimal
|
install
|
Firefox
|
domains
|
easier
|
remote
|
across
|
client
|
sites
|
track
|
other
|
these
|
sends
|
which
|
makes
|
user
|
can
|
20x
|
web
|
TLS
|
Mozilla Firefox 2.0.x can automatically install TLS client certificates with minimal user interaction, and automatically sends these certificates when requested, which makes it easier for remote web sites to track user activities across domains by requesting the TLS client certificates from other domains.
The Java Secure Socket Extension (JSSE) in the
Extension
|
Socket
|
Secure
|
Java
|
The Java Secure Socket Extension (JSSE) in the Hitachi Cosminexus Developer's Kit for Java in various Hitachi Cosminexus 7.5 products before 07-50-01, when using JSSE for SSL/TLS support, allows remote attackers to cause a denial of service via certain SSL/TLS handshake requests. NOTE: this may be the same as CVE-2007-3698.
Software vulnerabilities results 1 to 20 of 151
Page:
1
2
3
4
5
...
8
►