43 matches found
EUVD-2014-0094
Malware in sbrugna...
EUVD-2014-0095
Malware in sbrugna...
PyWBEM 0.7 and earlier uses a separate connection to validate X.509 certificates, which allows man-in-the-middle attackers to spoof a peer via an arbitrary certificate.
...
Linux Distros Unpatched Vulnerability : CVE-2013-6444
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PyWBEM 0.7 and earlier does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509...
Linux Distros Unpatched Vulnerability : CVE-2013-6418
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PyWBEM 0.7 and earlier uses a separate connection to validate X.509 certificates, which allows man-in-the- middle attackers to spoof a peer via an arbitrary...
OPENSUSE-SU-2024:11263-1 python36-pywbem-1.1.1-2.7 on GA media
These are all security issues fixed in the python36-pywbem-1.1.1-2.7 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:13977-1 python310-pywbem-1.7.2-1.1 on GA media
These are all security issues fixed in the python310-pywbem-1.7.2-1.1 package on the GA media of openSUSE Tumbleweed...
RHEL 6 : pywbem (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - pywbem: failure to check certificate hostname CVE-2013-6444 - PyWBEM 0.7 and earlier uses a separate...
RHEL 9 : pywbem (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - m2crypto: Bleichenbacher timing attacks in the RSA decryption API - incomplete fix for CVE-2020-25657 CVE-2023-5078...
RHEL 7 : pywbem (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - pywbem: failure to check certificate hostname CVE-2013-6444 - PyWBEM 0.7 and earlier uses a separate...
SUSE CVE-2013-6418
PyWBEM 0.7 and earlier uses a separate connection to validate X.509 certificates, which allows man-in-the-middle attackers to spoof a peer via an arbitrary certificate...
SUSE CVE-2013-6444
PyWBEM 0.7 and earlier does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...
new packages: pywbem
An update is available for pywbem. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise...
GHSA-GH2C-6M38-C78J PyWBEM TOCTOU vulnerability in certificate validation
PyWBEM 0.7 and earlier does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...
GHSA-F9Q5-46QG-74X4 PyWBEM TOCTOU vulnerability in certificate validation
PyWBEM 0.7 and earlier uses a separate connection to validate X.509 certificates, which allows man-in-the-middle attackers to spoof a peer via an arbitrary certificate...
PyWBEM TOCTOU vulnerability in certificate validation
PyWBEM 0.7 and earlier uses a separate connection to validate X.509 certificates, which allows man-in-the-middle attackers to spoof a peer via an arbitrary certificate...
PyWBEM TOCTOU vulnerability in certificate validation
PyWBEM 0.7 and earlier does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...
Advisory ROSA-SA-2021-1958
Software: pywbem 0.7.0 OS: Cobalt 7.9 CVE-ID: CVE-2013-6418 CVE-Crit: HIGH CVE-DESC: PyWBEM 0.7 and earlier versions use a separate connection to validate X.509 certificates, which allows "attacker-in-the-middle" attackers to trick a peer node with an arbitrary certificate. CVE-STATUS: default...
SUSE: Security Advisory (SUSE-SU-2014:0580-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ALBA-2020:1822 pywbem bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...