Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2005-2969

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 18 ΠΎΠΊΡ‚. 2005
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: ubuntu
ΠŸΡ€ΠΈΠΎΡ€ΠΈΡ‚Π΅Ρ‚: medium
CVSS2: 5

ОписаниС

The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack.

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
dapper

released

0.9.8a-7ubuntu0.3
devel

released

0.9.8b-2ubuntu2
edgy

released

0.9.8b-2ubuntu2
feisty

released

0.9.8b-2ubuntu2
upstream

needs-triage

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
dapper

released

0.9.7g-5ubuntu1.1
devel

released

0.9.7k-3
edgy

released

0.9.7k-3
feisty

released

0.9.7k-3
upstream

needs-triage

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Бсылки Π½Π° источники

5 Medium

CVSS2

БвязанныС уязвимости

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2005-2969

redhat
ΠΎΠΊΠΎΠ»ΠΎ 20 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack.

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2005-2969

nvd
ΠΎΠΊΠΎΠ»ΠΎ 20 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack.

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2005-2969

debian
ΠΎΠΊΠΎΠ»ΠΎ 20 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0 ...

github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

GHSA-h7wj-q4wv-chfq

github
большС 3 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack.

fstec Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

BDU:2015-09905

fstec
ΠΏΠΎΡ‡Ρ‚ΠΈ 12 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Уязвимости систСмы Π°Π²Ρ‚ΠΎΠΌΠ°Ρ‚ΠΈΠ·Π°Ρ†ΠΈΠΈ Π΄Π΅ΡΡ‚Π΅Π»ΡŒΠ½ΠΎΡΡ‚ΠΈ прСдприятия 1Π‘:ΠŸΡ€Π΅Π΄ΠΏΡ€ΠΈΡΡ‚ΠΈΠ΅, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡŽΡ‰ΠΈΠ΅ Π·Π»ΠΎΡƒΠΌΡ‹ΡˆΠ»Π΅Π½Π½ΠΈΠΊΡƒ Π²Ρ‹Π·Π²Π°Ρ‚ΡŒ ΠΎΡ‚ΠΊΠ°Π· Π² обслуТивании ΠΈΠ»ΠΈ ΠΏΠΎΠ»ΡƒΡ‡ΠΈΡ‚ΡŒ доступ ΠΊ Π·Π°ΡˆΠΈΡ„Ρ€ΠΎΠ²Π°Π½Π½Ρ‹ΠΌ Π΄Π°Π½Π½Ρ‹ΠΌ Π±Π΅Π· знания ΠΊΠ»ΡŽΡ‡Π° ΡˆΠΈΡ„Ρ€ΠΎΠ²Π°Π½ΠΈΡ

5 Medium

CVSS2

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ CVE-2005-2969