security-advisories

Date of First Release: 10-01-2018 Source: VMware Product affected: vSphere Data Protection (VDP) running on the virtual machines Version 6.1.x, 6.0.x and 5.x  Overview: VSphere Data Protection (VDP) contains multiple authentication bypass, arbitrary file upload and path traversal vulnerabilities. Description: VMware has release security advisory to address three critical vulnerabilities …

TZCERT-2014-12: VULNERABILITY ALERT  SSL 3.0 Protocol Vulnerability and POODLE Attack Date of First Release: 11-12-2014 Source: US-CERT, Symantec, IETF System Affected: All systems and applications utilizing the Secure Socket Layer (SSL) 3.0 with cipher-block chaining (CBC) mode ciphers may be vulnerable. However, the POODLE (Padding Oracle On Downgraded Legacy Encryption) …

TZCERT-2014-03: Vulnerability Alert OpenSSL Vulnerability by Man in The Middle (MITM) attack Date of First Release: 09-06-2014 Source: US-CERT, OpenSSL OS Affected: Fedora Project, FreeBSD Project, Debian GNU/Linux, OpenSSL, Red Hat, Inc., Ubuntu. Overview: A carefully crafted handshake can be used by an attackers to force the use of weak …