201512230234
Symptom: In a dynamic link aggregation group, an Ethernet subinterface is not Selected after
certain operations are performed.
Condition: This symptom might occur if the following operations are performed:
a. Create a dynamic link aggregation group and assign an Ethernet subinterface to the group.
b. Delete the link aggregation group.
c. Re-create the link aggregation group and assign the Ethernet subinterface to the group.
201604110398
Symptom: CVE-2016-2842
Condition: Fixed vulnerability in the doapr_outch function in crypto/bio/b_print.c, which allows
remote attackers to cause a denial of service (out-of-bounds write or memory consumption) or
possibly have unspecified other impact via a long string.
201603230025
Symptom(1): CVE-2016-0705
Condition(1): Fixed vulnerability in which OpenSSL's parsing of malformed DSA private keys could
lead to a DoS attack or memory corruption for applications that receive DSA private keys from
untrusted sources.
Symptom(2): CVE-2016-0798
Condition(2): Fixed vulnerability in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g that allows
remote attackers to cause a denial of service (memory consumption) by providing an invalid
username in a connection attempt.
Symptom(3): CVE-2016-0797
Condition(3): Fixed vulnerability in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g that allows
remote attackers to cause a denial of service (heap memory corruption or NULL pointer
dereference).
Symptom(4): CVE-2016-0799
Condition(4): Fixed vulnerability in which OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g
improperly calculates string lengths, which allows remote attackers to cause a denial of service
which could lead to memory allocation failure or memory leaks.
Symptom(5): CVE-2016-0702
Condition(5): Fixed vulnerability in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g which
makes it easier for local users to discover RSA keys leveraging cache-bank conflicts, aka a
"CacheBleed" attack.
201603170257
Symptom(1): CVE-2016-0701
Condition(1): The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2
before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key
exchange, which makes it easier for remote attackers to discover a private DH exponent by
making multiple handshakes with a peer that chose an inappropriate number, as demonstrated
by a number in an X9.42 file.
Symptom(2): CVE-2015-3197
Condition(2): ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not
prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat
cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to
the get_client_master_key and get_client_hello functions.