Download
| Alert*
oval:org.secpod.oval:def:14154
The host is installed with OS X Lion 10.7 through 10.7.5, OS X Lion Server 10.7 through 10.7.5, OS X Mountain Lion 10.8 through 10.8.3, Apple Mac OS X Server 10.6.8 or Apple Mac OS X 10.6.8 and is prone to man in the middle attack vulnerability. A flaw is present in the application, which can encryp ... oval:org.secpod.oval:def:701067 qt4-x11: Qt 4 libraries Qt applications could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701066 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP server. oval:org.secpod.oval:def:1600259 It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding ... oval:org.secpod.oval:def:600969 Juliano Rizzo and Thai Duong discovered a weakness in the TLS/SSL protocol when using compression. This side channel attack, dubbed "CRIME", allows eavesdroppers to gather information to recover the original plaintext in the protocol. This update to nginx disables SSL compression. oval:org.secpod.oval:def:501010 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode ... oval:org.secpod.oval:def:202572 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode ... oval:org.secpod.oval:def:1500085 Updated openssl packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderatesecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are ava ... oval:org.secpod.oval:def:600919 A vulnerability has been found in the Apache HTTPD Server: CVE-2012-4557 A flaw was found when mod_proxy_ajp connects to a backend server that takes too long to respond. Given a specific configuration, a remote attacker could send certain requests, putting a backend server into an error state until ... oval:org.secpod.oval:def:205784 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:202626 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode ... oval:org.secpod.oval:def:701356 openssl: Secure Socket Layer cryptographic library and tools Applications could be made to expose sensitive information over the network. oval:org.secpod.oval:def:1500102 Updated openssl packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 5 and 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are avai ... oval:org.secpod.oval:def:104792 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. This package contains Windows libraries and development tools. oval:org.secpod.oval:def:14174 The host is missing an important security update according to Apple advisory, APPLE-SA-2013-06-04-1. The update is required to fix multiple vulnerabilities. The flaw are present in the application, which fails to handle a crafted application. Successful exploitation could allow attackers to crash th ... oval:org.secpod.oval:def:600967 Several vulnerabilities were discovered in the TLS/SSL protocol. This update addresses these protocol vulnerabilities in lighttpd. CVE-2009-3555 Marsh Ray, Steve Dispensa, and Martin Rex discovered that the TLS and SSLv3 protocols do not properly associate renegotiation handshakes with an existing c ... oval:org.secpod.oval:def:602094 Pound, a HTTP reverse proxy and load balancer, had several issues related to vulnerabilities in the Secure Sockets Layer protocol. For Debian 7 this update adds a missing part to make it actually possible to disable client-initiated renegotiation and disables it by default . TLS compression is dis ... oval:org.secpod.oval:def:107894 The Pound program is a reverse proxy, load balancer and HTTPS front-end for Web server. Pound was developed to enable distributing the load among several Web-servers and to allow for a convenient SSL wrapper for those Web servers that do not offer it natively. Pound is distributed under the GPL - no ... oval:org.secpod.oval:def:107915 The Pound program is a reverse proxy, load balancer and HTTPS front-end for Web server. Pound was developed to enable distributing the load among several Web-servers and to allow for a convenient SSL wrapper for those Web servers that do not offer it natively. Pound is distributed under the GPL - no ... |