Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Schannel (aka Secure Channel) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204 and CVE-2015-1067.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Schannel 加密问题漏洞
Vulnerability Description
Microsoft Windows是美国微软(Microsoft)公司发布的一系列操作系统。Microsoft Schannel(全称Secure Channel,安全通道)是其中的一个安全支持提供程序(SSP),它可实现安全套接字层(SSL)和传输层安全(TLS) Internet标准身份验证协议,并提供身份验证服务以便在客户端和服务器之间提供安全的通信。 Microsoft Schannel中存在安全功能绕过漏洞,该漏洞由处于TLS状态机器中的问题所致,客户端系统接受比原始协商密钥长度短的RSA密钥。
CVSS Information
N/A
Vulnerability Type
N/A