Lucene search
+L

117 matches found

nessus
nessus
added 2014/07/24 12:0 a.m.50 views

Oracle Linux 7 : openssl098e (ELSA-2014-0680)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2014-0680 advisory. 0.9.8e-29.2 - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability Tenable has extracted the preceding description block directly from the Oracle Linux security...

7.4CVSS7.5AI score0.95326EPSS
Exploits9References2
oraclelinux
oraclelinux
added 2014/07/23 12:0 a.m.57 views

openssl098e security update

0.9.8e-29.2 - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability...

5.8CVSS1.7AI score0.95326EPSS
Exploits9
nessus
nessus
added 2014/06/12 12:0 a.m.50 views

Oracle Linux 4 : openssl (ELSA-2014-3040)

Description of changes: 0.9.7a-43.18.0.2 - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Oracle Linux Security Advisory ELSA-2014-3040...

7.4CVSS8AI score0.95326EPSS
Exploits9References2
oraclelinux
oraclelinux
added 2014/06/11 12:0 a.m.58 views

openssl security update

0.9.7a-43.18.0.2 - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability...

5.8CVSS1.7AI score0.95326EPSS
Exploits9
openvas
openvas
added 2014/06/09 12:0 a.m.65 views

CentOS Update for openssl098e CESA-2014:0626 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS6.8AI score0.95326EPSS
Exploits9References4
oraclelinux
oraclelinux
added 2014/06/05 12:0 a.m.72 views

openssl security update

1.0.1e-16.14 - fix CVE-2010-5298 - possible use of memory after free - fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment - fix CVE-2014-0198 - possible NULL pointer dereference - fix CVE-2014-0221 - DoS from invalid DTLS handshake packet - fix CVE-2014-0224 - SSL/TLS MITM vulnerabilit...

6.8CVSS2.2AI score0.99977EPSS
Exploits13
oraclelinux
oraclelinux
added 2014/06/05 12:0 a.m.64 views

openssl security update

0.9.8e-27.3 - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability 0.9.8e-27.1 - replace expired GlobalSign Root CA certificate in ca-bundle.crt...

5.8CVSS1.9AI score0.95326EPSS
Exploits9
nessus
nessus
added 2014/04/29 12:0 a.m.24 views

Opera < 12.17 opera_autoupdate.exe MITM Vulnerability

The version of Opera installed on the remote host is prior to version 12.17, and thus includes an automatic update-checking component, 'operaautoupdate.exe', that is vulnerable to man-in-the- middle attacks because it does not properly verify server certificates. C Tenable Network Security, Inc...

5.9AI score
Exploits0References2
redhat
redhat
added 2013/12/17 6:30 p.m.5 views

jakarta-commons-httpclient: missing connection hostname check against X.509 certificate name

It was found that Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service FPS merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows...

5.8CVSS7.2AI score0.09254EPSS
Exploits0References4
redhat
redhat
added 2013/03/25 5:3 p.m.7 views

jakarta-commons-httpclient: missing connection hostname check against X.509 certificate name

It was found that Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service FPS merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows...

5.8CVSS7.2AI score0.09254EPSS
Exploits0References4
securityvulns
securityvulns
added 2012/10/22 12:0 a.m.172 views

MitM-vulnerability in Palo Alto Networks GlobalProtect

--------------------------------------------------------------------- SySS-Advisory: MitM-vulnerability in Palo Alto Networks GlobalProtect --------------------------------------------------------------------- Problem discovered: July 12th 2012 Vendor contacted: July 13th 2012 Advisory published:...

1.2AI score
Exploits0
openvas
openvas
added 2010/08/06 12:0 a.m.23 views

RedHat Update for gnupg2 RHSA-2010:0603-01

Check for the Version of gnupg2 OpenVAS Vulnerability Test RedHat Update for gnupg2 RHSA-2010:0603-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

5.1CVSS8.1AI score0.05342EPSS
Exploits0References2
osv
osv
added 2009/11/16 7:30 p.m.4 views

UBUNTU-CVE-2009-3941

Martin Lambers mpop before 1.0.19, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the 1 subject's Common Name or 2 Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted...

5CVSS5.9AI score0.00928EPSS
Exploits0References2
zdt
zdt
added 2009/11/09 12:0 a.m.845 views

SSL MITM Vulnerability

Exploit for unknown platform in category remote exploits ====================== SSL MITM Vulnerability ====================== Title: SSL MITM Vulnerability CVE-ID: OSVDB-ID: Author: Pavel Kankovsky Published: 2009-11-09 Verified: yes view source print? include include include include include...

7.1AI score
Exploits0
osv
osv
added 2009/09/29 11:30 p.m.1 views

DEBIAN-CVE-2009-3475

Internet2 Shibboleth Service Provider software 1.3.x before 1.3.3 and 2.x before 2.2.1, when using PKIX trust validation, does not properly handle a '\0' character in the subject or subjectAltName fields of a certificate, which allows remote man-in-the-middle attackers to spoof arbitrary SSL...

7.5CVSS7AI score0.00891EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2008/07/07 12:0 a.m.7 views

PT-2008-3224 · Netscape +1 · Netscape Certificate Management System +1

Name of the Vulnerable Software and Affected Versions: Red Hat Certificate System versions 7.1 through 7.3 Netscape Certificate Management System version 6.x Description: The issue allows remote attackers to bypass intended restrictions and conduct man-in-the-middle attacks by submitting a...

7.5CVSS6.4AI score0.01074EPSS
Exploits1References8
duo
duo
added 1976/01/01 12:0 a.m.492 views

DUO-PSA-2015-002: Duo Product Security Advisory

Duo Product Security Advisory Advisory ID: DUO-PSA-2015-002 Original Publication Date: 2015-04-06 Revision Date: 2015-04-13 Status: Confirmed, Fixed Document Revision: 2 Overview Duo Security has identified an issue in recent versions of Duo Mobile for iOS that could allow attackers to perform a...

0.9AI score
Exploits0
Rows per page
Query Builder