Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2015-8838
Description:ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152.
Test IDs: None available
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2015-8838
SuSE Security Announcement: SUSE-SU-2016:1145 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html
SuSE Security Announcement: SUSE-SU-2016:1166 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00056.html
SuSE Security Announcement: openSUSE-SU-2016:1167 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html
SuSE Security Announcement: openSUSE-SU-2016:1173 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00058.html
http://www.ubuntu.com/usn/USN-2952-1
http://www.ubuntu.com/usn/USN-2952-2




© 1998-2021 E-Soft Inc. All rights reserved.