CVE-2015-8960
https://notcve.org/view.php?id=CVE-2015-8960
The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute the master secret in certain situations with a client secret key and server public key but not a server secret key, which makes it easier for man-in-the-middle attackers to spoof TLS servers by leveraging knowledge of the secret key for an arbitrary installed client X.509 certificate, aka the "Key Compromise Impersonation (KCI)" issue. El protocolo TLS 1.2 y versiones anteriores soporta los valores rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh y ecdsa_fixed_ecdh para ClientCertificateType pero no documenta directamente la habilidad para computar el secreto maestro en determinadas situaciones con una clave de cliente secreta y una clave pública de servidor pero no una clave secreta de servidor, lo que facilita a atacantes man-in-the-middle suplantar servidores TLS aprovechando el conocimiento de la clave secreta para un certificado cliente X.509 arbitrariamente instalado, también conocido como problema "Key Compromise Impersonation (KCI)". • http://twitter.com/matthew_d_green/statuses/630908726950674433 http://www.openwall.com/lists/oss-security/2016/09/20/4 http://www.securityfocus.com/bid/93071 https://kcitls.org https://security.netapp.com/advisory/ntap-20180626-0002 https://www.usenix.org/system/files/conference/woot15/woot15-paper-hlauschek.pdf • CWE-295: Improper Certificate Validation •
CVE-2016-7153
https://notcve.org/view.php?id=CVE-2016-7153
The HTTP/2 protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack. El protocolo HTTP/2 no considera el rol de la ventana de congestión TCP cuando da información sobre longitud del contenido, lo que facilita a atacantes remotos obtener datos en texto plano aprovechando una configuración de navegador web donde son enviadas las cookies de terceros, también conocido como ataque "HEIST". • http://arstechnica.com/security/2016/08/new-attack-steals-ssns-e-mail-addresses-and-more-from-https-pages http://www.securityfocus.com/bid/92773 http://www.securitytracker.com/id/1036741 http://www.securitytracker.com/id/1036742 http://www.securitytracker.com/id/1036743 http://www.securitytracker.com/id/1036744 http://www.securitytracker.com/id/1036745 http://www.securitytracker.com/id/1036746 https://tom.vg/papers/heist_blackhat2016.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-7152
https://notcve.org/view.php?id=CVE-2016-7152
The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack. El protocolo HTTPS no considera el rol de la ventana de congestión TCP cuando da información sobre longitud del contenido, lo que facilita a atacantes remotos obtener datos en texto plano aprovechando una configuración de navegador web donde son enviadas cookies de terceros, también conocido como ataque "HEIST". • http://arstechnica.com/security/2016/08/new-attack-steals-ssns-e-mail-addresses-and-more-from-https-pages http://www.securityfocus.com/bid/92769 http://www.securitytracker.com/id/1036741 http://www.securitytracker.com/id/1036742 http://www.securitytracker.com/id/1036743 http://www.securitytracker.com/id/1036744 http://www.securitytracker.com/id/1036745 http://www.securitytracker.com/id/1036746 https://tom.vg/papers/heist_blackhat2016.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-5101
https://notcve.org/view.php?id=CVE-2016-5101
Unspecified vulnerability in Opera Mail before 2016-02-16 on Windows allows user-assisted remote attackers to execute arbitrary code via a crafted e-mail message. Vulnerabilidad no especificada en Opera Mail en versiones anteriores a 2016-02-16 en Windows permite a atacantes remotos asistidos por usuario ejecutar código arbitrario a través de un mensaje de correo electrónico manipulado. • http://www.opera.com/blogs/security/2016/02/opera-12-and-opera-mail-security-update http://www.securityfocus.com/bid/91507 • CWE-284: Improper Access Control •
CVE-2015-4000 – LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks
https://notcve.org/view.php?id=CVE-2015-4000
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. El protocolo TLS 1.2 y anteriores, cuando una suite de cifrado DHE_EXPORT está habilitada en un servidor pero no en un cliente, no transporta una elección DHE_EXPORT, lo que permite a atacantes man-in-the-middle realizar ataques de degradación del cifrado mediante la rescritura de un ClientHello con DHE remplazado por DHE_EXPORT y posteriormente la rescritura de un ServerHello con DHE_EXPORT remplazado por DHE, también conocido como el problema 'Logjam'. A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange (for both export and non-export grade cipher suites). An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lead to a passive man-in-the-middle attack in which the attacker is able to decrypt all traffic. • http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402 http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10681 http://kb.juniper.net/InfoC • CWE-310: Cryptographic Issues CWE-327: Use of a Broken or Risky Cryptographic Algorithm •