Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2015-2318

Опубликовано: 08 янв. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8
CVSS3: 8.1

Описание

The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue.

РелизСтатусПримечание
devel

released

3.2.8+dfsg-4ubuntu4
esm-infra-legacy/trusty

released

3.2.8+dfsg-4ubuntu1.1
lucid

ignored

end of life
precise

released

2.10.8.1-1ubuntu2.3
trusty

released

3.2.8+dfsg-4ubuntu1.1
trusty/esm

released

3.2.8+dfsg-4ubuntu1.1
upstream

released

3.2.8+dfsg-10,2.6.7-5.1+deb6u1
utopic

released

3.2.8+dfsg-4ubuntu2.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 79%
0.0129
Низкий

6.8 Medium

CVSS2

8.1 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2015-2318

CVSS3: 8.1
nvd
около 8 лет назад

The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue.

debian логотип

CVE-2015-2318

CVSS3: 8.1
debian
около 8 лет назад

The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers ...

github логотип

GHSA-xv64-wpfr-x2m3

CVSS3: 8.1
github
больше 3 лет назад

The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue.

suse-cvrf логотип

SUSE-SU-2015:0841-1

suse-cvrf
почти 12 лет назад

Recommended update for mono-core

EPSS

Процентиль: 79%
0.0129
Низкий

6.8 Medium

CVSS2

8.1 High

CVSS3