 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.147122 |
| Categoría: | SSL and TLS |
| Título: | SSL/TLS: Known Compromised Certificate Detection |
| Resumen: | The remote SSL/TLS service is using an SSL/TLS certificate which; is known to be compromised (e.g. known private keys, used by malware, etc). |
| Descripción: | Summary: The remote SSL/TLS service is using an SSL/TLS certificate which is known to be compromised (e.g. known private keys, used by malware, etc). Vulnerability Impact: An attacker could use this for man-in-the-middle (MITM) attacks, accessing sensible data and other attacks. Affected Software/OS: A wide range of devices from vendors like Actiontec, Cisco, D-Link Systems, General Electric, Huawei Technologies, NetComm Wireless Limited, Sierra Wireless, Technicolor, Ubiquiti Networks, ZTE Corporation and ZyXEL are known to be affected. Solution: Replace the SSL/TLS certificate with a trusted/clean one. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-6358 BugTraq ID: 78047 http://www.securityfocus.com/bid/78047 CERT/CC vulnerability note: VU#566724 http://www.kb.cert.org/vuls/id/566724 Cisco Security Advisory: 20151125 Multiple Cisco Products Confidential Information Decryption Man-in-the-Middle Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci http://www.securitytracker.com/id/1034255 http://www.securitytracker.com/id/1034256 http://www.securitytracker.com/id/1034257 http://www.securitytracker.com/id/1034258 Common Vulnerability Exposure (CVE) ID: CVE-2015-7255 https://github.com/sec-consult/houseofkeys/search?p=3&q=zte&type=&utf8=%E2%9C%93 https://www.kb.cert.org/vuls/id/BLUU-A2NQYR Common Vulnerability Exposure (CVE) ID: CVE-2015-7256 Common Vulnerability Exposure (CVE) ID: CVE-2015-7276 https://sec-consult.com/en/blog/2015/11/house-of-keys-industry-wide-https/ Common Vulnerability Exposure (CVE) ID: CVE-2015-8251 Common Vulnerability Exposure (CVE) ID: CVE-2015-8260 |
| Copyright | Copyright (C) 2021 Greenbone AG |
| Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |