 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.147122 |
| Kategorie: | SSL and TLS |
| Titel: | SSL/TLS: Known Compromised Certificate Detection |
| Zusammenfassung: | The remote SSL/TLS service is using an SSL/TLS certificate which; is known to be compromised (e.g. known private keys, used by malware, etc). |
| Beschreibung: | Summary: The remote SSL/TLS service is using an SSL/TLS certificate which is known to be compromised (e.g. known private keys, used by malware, etc). Vulnerability Impact: An attacker could use this for man-in-the-middle (MITM) attacks, accessing sensible data and other attacks. Affected Software/OS: A wide range of devices from vendors like Actiontec, Cisco, D-Link Systems, General Electric, Huawei Technologies, NetComm Wireless Limited, Sierra Wireless, Technicolor, Ubiquiti Networks, ZTE Corporation and ZyXEL are known to be affected. Solution: Replace the SSL/TLS certificate with a trusted/clean one. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-6358 BugTraq ID: 78047 http://www.securityfocus.com/bid/78047 CERT/CC vulnerability note: VU#566724 http://www.kb.cert.org/vuls/id/566724 Cisco Security Advisory: 20151125 Multiple Cisco Products Confidential Information Decryption Man-in-the-Middle Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci http://www.securitytracker.com/id/1034255 http://www.securitytracker.com/id/1034256 http://www.securitytracker.com/id/1034257 http://www.securitytracker.com/id/1034258 Common Vulnerability Exposure (CVE) ID: CVE-2015-7255 https://github.com/sec-consult/houseofkeys/search?p=3&q=zte&type=&utf8=%E2%9C%93 https://www.kb.cert.org/vuls/id/BLUU-A2NQYR Common Vulnerability Exposure (CVE) ID: CVE-2015-7256 Common Vulnerability Exposure (CVE) ID: CVE-2015-7276 https://sec-consult.com/en/blog/2015/11/house-of-keys-industry-wide-https/ Common Vulnerability Exposure (CVE) ID: CVE-2015-8251 Common Vulnerability Exposure (CVE) ID: CVE-2015-8260 |
| Copyright | Copyright (C) 2021 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |