Lucene search

K

Veracode Vulnerability DatabaseVERACODE:24353

HistoryApr 10, 2020 - 12:53 a.m.

Insecure TLS Configuration

2020-04-1000:53:00

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

22

EPSS

0.009

Percentile

82.8%

seamonkey uses an insecure TLS configuration. It was found that the SSL DHE (Diffie-Hellman Ephemeral) mode implementation for key exchanges in SeaMonkey accepted DHE keys that were 256 bits in length. This update removes support for 256 bit DHE keys, as such keys are easily broken using modern hardware.

References

blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox

secunia.com/advisories/41839

secunia.com/advisories/42867

support.avaya.com/css/P8/documents/100114250

support.avaya.com/css/P8/documents/100120156

www.debian.org/security/2010/dsa-2123

www.mandriva.com/security/advisories?name=MDVSA-2010:210

www.mandriva.com/security/advisories?name=MDVSA-2010:211

www.mozilla.org/security/announce/2010/mfsa2010-72.html

www.redhat.com/security/updates/classification/#critical

www.redhat.com/support/errata/RHSA-2010-0781.html

www.redhat.com/support/errata/RHSA-2010-0782.html

www.ubuntu.com/usn/USN-1007-1

www.vupen.com/english/advisories/2011/0061

access.redhat.com/errata/RHSA-2010:0781

bugzilla.mozilla.org/show_bug.cgi?id=554354

bugzilla.mozilla.org/show_bug.cgi?id=583337

bugzilla.mozilla.org/show_bug.cgi?id=587234

bugzilla.mozilla.org/show_bug.cgi?id=595300

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12118

EPSS

0.009

Percentile

82.8%

Related for VERACODE:24353

cve1 ubuntucve1 prion1 cvelist1 debiancve1 securityvulns2 mozilla1 nvd1 openvas28 ubuntu1 debian3 osv1 nessus21 oraclelinux2 redhat2 centos2 freebsd1 vmware2 suse1 gentoo1