102 matches found
AZL-41809 CVE-2019-11358 affecting package m2crypto for versions less than 0.38.0-4
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extendtrue, , ... because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype...
Fedora 22 : m2crypto-0.22.5-2.fc22 (2015-321ae39ee6)
Fixes a buffer overflow in EVP.pbkdf2. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
Fedora 23 : m2crypto-0.22.5-2.fc23 (2015-ca11983963)
Fixes a buffer overflow in EVP.pbkdf2. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
Updated python-m2crypto packages fix security vulnerability
A bug was found in pbkdf2 function of m2crypto package, such that when given a 74 byte result, a buffer overflow occurs leading to crash of the application rhbz1271165...
MGASA-2015-0458 Updated python-m2crypto packages fix security vulnerability
A bug was found in pbkdf2 function of m2crypto package, such that when given a 74 byte result, a buffer overflow occurs leading to crash of the application rhbz1271165...
Fedora Update for m2crypto FEDORA-2015-446074
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 21 Update: m2crypto-0.22.5-2.fc21
This package allows you to call OpenSSL functions from python scripts...
Fedora Update for m2crypto FEDORA-2015-321
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 22 Update: m2crypto-0.22.5-2.fc22
This package allows you to call OpenSSL functions from python scripts...
[SECURITY] Fedora 23 Update: m2crypto-0.22.5-2.fc23
This package allows you to call OpenSSL functions from python scripts...
SSL and TLS protocol test suite and fuzzer: tlsfuzzer
tlsfuzzer is a combination of TLS test framework, ready-to-use tests and hopefully in the future a fuzzer for TLS protocol. The aim is to have ability to test TLS implementation everywhere a fairly recent version of Python can run 2.6, 3.2 or later. Current implementation efforts focus on testing...
DNS visualization: DNSViz
DNSViz is a tool for assessing the health of DNS deployments by issuing diagnostic queries, assessing the responses, and outputting the results in one of several formats. The assessment may be directed towards recursive or authoritative DNS servers, and the output may be textual, graphical, or...
Object Scanning System: Laika BOSS
Laika is an object scanner and intrusion detection system that strives to achieve the following goals: Scalable Work across multiple systems High volume of input from many sources Flexible Modular architecture Highly configurable dispatching and dispositioning logic Tactical code insertion withou...
SuSE 11.3 Security Update : python-pywbem (SAT Patch Number 9079)
This update fixes a TOCTOU vulnerability during certificate validation. CVE-2013-6418 has been assigned to this issue. This update also introduces a new dependency on python-m2crypto. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
CVE-2009-0127
M2Crypto does not properly check the return value from the OpenSSL EVPVerifyFinal, DSAverify, ECDSAverify, DSAdoverify, and ECDSAdoverify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to...
CVE-2009-0127
M2Crypto does not properly check the return value from the OpenSSL EVPVerifyFinal, DSAverify, ECDSAverify, DSAdoverify, and ECDSAdoverify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to...
CVE-2009-0127
M2Crypto does not properly check the return value from the OpenSSL EVPVerifyFinal, DSAverify, ECDSAverify, DSAdoverify, and ECDSAdoverify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to...
Input validation
DISPUTED M2Crypto does not properly check the return value from the OpenSSL EVPVerifyFinal, DSAverify, ECDSAverify, DSAdoverify, and ECDSAdoverify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability...
CVE-2009-0127
Technical details about CVE-2009-0127 are not publicly provided in the supplied documents. Monitor for updates for affected components, root cause, and fixes.
CVE-2009-0127
M2Crypto does not properly check the return value from the OpenSSL EVPVerifyFinal, DSAverify, ECDSAverify, DSAdoverify, and ECDSAdoverify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to...