Lucene search
K

33 matches found

Tenable Nessus
Tenable Nessus
added 2004/09/07 12:0 a.m.10 views

OpenCA < 0.9.1-9 Web Interface Form Input Field XSS

Binary data 2267.prm...

4.3CVSS7.3AI score0.01177EPSS
Exploits0References1
securityvulns
securityvulns
added 2004/09/06 12:0 a.m.38 views

OpenCA Security Advisory: Cross Site Scripting vulnerability

OpenCA Security Advisory: Cross Site Scripting vulnerability Authors Martin Bartosch [email protected] Michael Bell [email protected] 2004-09-01 Initial revision 2004-09-06 Public release Summary ------- The OpenCA Project is a collaborative effort to develop a robust, full-feature...

4.3CVSS0.4AI score0.01177EPSS
Exploits0
securityvulns
securityvulns
added 2004/09/06 12:0 a.m.28 views

OpenCA crossite scripting

No description provided...

1.7AI score
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.18 views

CVE-2004-0004

The libCheckSignature function in crypto-utils.lib for OpenCA 0.9.1.6 and earlier only compares the serial of the signer's certificate and the one in the database, which can cause OpenCA to incorrectly accept a signature if the certificate's chain is trusted by OpenCA's chain directory, allowing...

6.5AI score0.0209EPSS
Exploits0References6
CVE
CVE
added 2004/09/01 4:0 a.m.70 views

CVE-2004-0004

Affects OpenCA : OpenCA 0.9.1.6 and earlier use crypto-utils.lib’s libCheckSignature, which compares only the certificate serial to the database entry. This can allow a signature to be accepted if the signer's certificate chain is trusted by OpenCA’s chain directory, enabling an attacker to spoof...

7.5CVSS6.5AI score0.0209EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2004/02/17 5:0 a.m.16 views

CVE-2004-0004

The libCheckSignature function in crypto-utils.lib for OpenCA 0.9.1.6 and earlier only compares the serial of the signer's certificate and the one in the database, which can cause OpenCA to incorrectly accept a signature if the certificate's chain is trusted by OpenCA's chain directory, allowing...

7.5CVSS6.5AI score0.0209EPSS
Exploits0References6
CERT
CERT
added 2004/01/19 12:0 a.m.32 views

OpenCA libCheckSignature function fails to properly verify the signature of certificates

Overview OpenCA may accept a signature from a certificate if the certificate's chain is trusted by the chain directory of OpenCA. Description The OpenCA PKI Development Project is a Certification Authority. A vulnerability exists in the way the libCheckSignature function compares the certificate ...

7.5CVSS6AI score0.0209EPSS
Exploits0References3
securityvulns
securityvulns
added 2004/01/17 12:0 a.m.57 views

OpenCA certificate spoofing

A flaw could cause OpenCA to accept a signature from a certificate if the certificate's chain is trusted by the chain directory of OpenCA. This means that a certificate from another PKI can authorize operations on the used PKI if the chain of the used signature certifcate can establish a trust...

1.1AI score
Exploits0References1
securityvulns
securityvulns
added 2004/01/17 12:0 a.m.42 views

[OpenCA Advisory] Vulnerability in signature verification

OpenCA Security Advisory 16 January 2004 Vulnerability in signature validation ===================================== A flaw in OpenCA before version 0.9.1.7 could cause OpenCA to accept a signature from a certificate if the certificate's chain is trusted by the chain directory of OpenCA. This mea...

7.5CVSS0.1AI score0.0209EPSS
Exploits0
NVD
NVD
added 2003/12/15 5:0 a.m.21 views

CVE-2003-0960

OpenCA before 0.9.1.4 does not use the correct certificate in a chain to check the serial, which could cause OpenCA to accept revoked or expired certificates...

7.5CVSS6.3AI score0.00709EPSS
Exploits1References1
Cvelist
Cvelist
added 2003/12/02 5:0 a.m.35 views

CVE-2003-0960

OpenCA before 0.9.1.4 does not use the correct certificate in a chain to check the serial, which could cause OpenCA to accept revoked or expired certificates...

6.3AI score0.00709EPSS
Exploits1References1
CVE
CVE
added 2003/12/02 5:0 a.m.63 views

CVE-2003-0960

CVE-2003-0960 refers to a vulnerability in OpenCA where, before 0.9.1.4, the system did not use the correct certificate in a chain when checking the serial, which could allow revoked or expired certificates to be accepted as valid. Multiple connected sources (SUSE advisory, OpenVAS/NASL/Nessus en...

7.5CVSS6.3AI score0.00709EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
added 2003/11/29 12:0 a.m.45 views

[OpenCA Advisory] Vulnerabilities in signature verification

OpenCA Security Advisory 28 November 2003 Vulnerabilities in signature validation ======================================= Multiple flaws in OpenCA before version 0.9.1.4 could cause OpenCA to use an incorrect certificate in the chain to determine the serial being checked which could lead to...

7.5CVSS0.5AI score0.00709EPSS
Exploits1
Rows per page
Query Builder