Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2020-7043

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c mishandles certificate validation because hostname comparisons do n...

9.1CVSS8AI score0.02403EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/03/06 12:0 a.m.23 views

Fedora 30 : openfortivpn (2020-42eb8821db)

Update to latest upstream version to fix CVE-2020-7041, CVE-2020-7042 and CVE-2020-7043. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...

9.1CVSS6.3AI score0.02403EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/03/06 12:0 a.m.32 views

openSUSE Security Update : openfortivpn (openSUSE-2020-301)

This update for openfortivpn to version 1.12.0 fixes the following issues : - CVE-2020-7043: Fixed a TLS Certificate CommonName NULL Byte Vulnerability boo1165301. - CVE-2020-7042: Fixed use of uninitialized memory in X509checkhost boo1165300. - CVE-2020-7041: Fixed incorrect use of X509checkhost...

9.1CVSS6.3AI score0.02403EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2020/03/05 12:0 a.m.26 views

openSUSE: Security Advisory for openfortivpn (openSUSE-SU-2020:0301-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.1CVSS7.3AI score0.02403EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2020/03/04 12:0 a.m.82 views

Security update for openfortivpn (important)

openSUSE Security Update: Security update for openfortivpn Announcement ID: openSUSE-SU-2020:0301-1 Rating: important References: 1165299 1165300 1165301 Cross-References: CVE-2020-7041 CVE-2020-7042 CVE-2020-7043 Affected Products: openSUSE Leap 15.1 An update that fixes three vulnerabilities is...

9.1CVSS7.7AI score0.02403EPSS
Exploits0References3
NVD
NVD
added 2020/02/27 6:15 p.m.14 views

CVE-2020-7043

An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c mishandles certificate validation because hostname comparisons do not consider '\0' characters, as demonstrated by a good.example.com\x00evil.example.com attack...

9.1CVSS9.1AI score0.02403EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2020/02/27 5:30 p.m.30 views

CVE-2020-7043

An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c mishandles certificate validation because hostname comparisons do not consider '\0' characters, as demonstrated by a good.example.com\x00evil.example.com attack...

9.1CVSS9.1AI score0.02403EPSS
Exploits0
CVE
CVE
added 2020/02/27 5:30 p.m.140 views

CVE-2020-7043

OpenFortiVPN (openfortivpn) 1.11.0 with OpenSSL before 1.0.2 is vulnerable to CVE-2020-7043. In tunnel.c, hostname validation mishandles null bytes, allowing a crafted hostname like good.example.com\x00evil.example.com to bypass validation. This affects builds using affected OpenSSL versions and ...

9.1CVSS8.9AI score0.02403EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder