2003 matches found

OpenVAS
added 2011/02/07 12:0 a.m., 26 views

IBM Db2 DBADM Privilege Revocation Security Bypass Vulnerability

IBM Db2 is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ibm:db2"; if(description)...

CVSS: 6.5, AI score: 9.4, EPSS: 0.0126
Exploits: 0, References: 6
Prion
added 2011/02/02 11:0 p.m., 24 views

Code injection

IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, UNIX, and Windows does not properly revoke the DBADM authority, which allows remote authenticated users to execute non-DDL statements by leveraging previous possession of this authority...

CVSS: 6.5, AI score: 6.5, EPSS: 0.0126
Exploits: 0, References: 12, Affected Software: 1
OpenVAS
added 2011/01/31 12:0 a.m., 17 views

Fedora Update for myproxy FEDORA-2011-0512

Check for the Version of myproxy OpenVAS Vulnerability Test Fedora Update for myproxy FEDORA-2011-0512 Authors: System Generated Check Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CVSS: 4.3, EPSS: 0.00992
Exploits: 0, References: 2
Tenable Nessus
added 2011/01/27 12:0 a.m., 51 views

SuSE 10 Security Update : ruby (ZYPP Patch Number 6338)

This ruby update improves return value checks for openssl function OCSP_basic_verify (CVE-2009-0642) which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avoid spoofing attacks. The code for parsing XML data was vulnerable to a denial of...

CVSS: 7.8, AI score: 5.5, EPSS: 0.7933
Exploits: 32, References: 16
Japan Vulnerability Notes
added 2010/06/22 2:23 a.m., 1 views

Improper Authentication Vulnerability in Handling of Revoked Certificate in Hitachi Web Server SSL Client Authentication

Overview: SSL client authentication in Hitachi Web Server has a vulnerability which allows an attacker to access a Hitachi Web Server using the client certificates registered in the Certification Revocation List (CRL). This vulnerability does not apply if SSL or SSL client authentication is not in...

CVSS: 4.3, AI score: 7.1
Exploits: 0, References: 2
Tenable Nessus
added 2010/05/11 12:0 a.m., 23 views

RHEL 5 : curl (RHSA-2010:0273)

Updated curl packages that fix one security issue, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a...

CVSS: 6.8, AI score: 7.5, EPSS: 0.0548
Exploits: 0, References: 3
OpenVAS
added 2010/04/06 12:0 a.m., 28 views

RedHat Update for curl RHSA-2010:0273-05

Check for the Version of curl OpenVAS Vulnerability Test RedHat Update for curl RHSA-2010:0273-05 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

CVSS: 6.8, AI score: 8.1, EPSS: 0.0548
Exploits: 0, References: 2
UbuntuCve
added 2010/03/26 6:30 p.m., 14 views

CVE-2010-0731

The gnutls_x509_crt_get_serial function in the GnuTLS library before 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1_read_value with a pointer to the wrong data type and the wrong length value, which allows remote attackers to bypass the certificate revocation list (CRL) check and cau...

CVSS: 7.5, AI score: 6.3, EPSS: 0.01631
Exploits: 1, References: 2
NVD
added 2010/03/26 6:30 p.m., 17 views

CVE-2010-0731

The gnutls_x509_crt_get_serial function in the GnuTLS library before 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1_read_value with a pointer to the wrong data type and the wrong length value, which allows remote attackers to bypass the certificate revocation list (CRL) check and cau...

CVSS: 7.5, AI score: 6.9, EPSS: 0.01631
Exploits: 1, References: 10
Prion
added 2010/03/26 6:30 p.m., 19 views

Stack overflow

The gnutls_x509_crt_get_serial function in the GnuTLS library before 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1_read_value with a pointer to the wrong data type and the wrong length value, which allows remote attackers to bypass the certificate revocation list (CRL) check and cau...

CVSS: 7.5, AI score: 7.5, EPSS: 0.01631
Exploits: 1, References: 10, Affected Software: 1
CVE
added 2010/03/26 6:0 p.m., 82 views

CVE-2010-0731

GnuTLS before 1.2.1 (BE, 64‑bit) contains a flaw in gnutls_x509_crt_get_serial that decodes ASN.1 data with the wrong type/length, allowing a crafted X.509 certificate to bypass CRL checks and potentially cause a stack-based overflow. This vulnerability is addressed by Red Hat/CentOS OpenVAS advi...

CVSS: 7.5, AI score: 6.9, EPSS: 0.01631
Exploits: 1, References: 10, Affected Software: 1
Cvelist
added 2010/03/26 6:0 p.m., 21 views

CVE-2010-0731

The gnutls_x509_crt_get_serial function in the GnuTLS library before 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1_read_value with a pointer to the wrong data type and the wrong length value, which allows remote attackers to bypass the certificate revocation list (CRL) check and cau...

AI score: 6.8, EPSS: 0.01631
Exploits: 1, References: 10
OpenVAS
added 2009/09/07 12:0 a.m., 25 views

Opera Multiple URL Spoofing Vulnerabilities (Sep 2009) - Windows

Opera Web Browser is prone to Multiple Spoof URL vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS: 7.5, AI score: 7.6, EPSS: 0.006
Exploits: 0, References: 6
Prion
added 2009/09/02 5:30 p.m., 12 views

Input validation

Opera before 10.00 does not check all intermediate X.509 certificates for revocation, which makes it easier for remote SSL servers to bypass validation of the certificate chain via a revoked certificate...

CVSS: 5, AI score: 6.7, EPSS: 0.00143
Exploits: 0, References: 7, Affected Software: 1
Positive Technologies
added 2009/09/02 12:0 a.m., 2 views

PT-2009-5378 · Opera · Opera

Name of the Vulnerable Software and Affected Versions: Opera versions prior to 10.00. Description: The issue arises from the failure to check all intermediate X.509 certificates for revocation, making it easier for remote SSL servers to bypass validation of the certificate chain via a revoked...

CVSS: 7.5, AI score: 7.4, EPSS: 0.00143
Exploits: 0, References: 8
Tenable Nessus
added 2009/09/01 12:0 a.m., 27 views

Opera < 10.00 Multiple Vulnerabilities

Binary data 5146.prm...

CVSS: 7.5, AI score: 7.3, EPSS: 0.006
Exploits: 0, References: 6
Tenable Nessus
added 2009/09/01 12:0 a.m., 8 views

Opera < 10.00 Multiple Vulnerabilities

Binary data 800811.prm...

AI score: 7.3
Exploits: 0, References: 1
NVD
added 2009/04/21 11:30 p.m., 19 views

CVE-2009-1358

apt-get in apt before 0.7.21 does not check for the correct error code from gpgv, which causes apt to treat a repository as valid even when it has been signed with a key that has been revoked or expired, which might allow remote attackers to trick apt into installing malicious repositories...

CVSS: 10, AI score: 6.7, EPSS: 0.01368
Exploits: 0, References: 9
Cvelist
added 2009/04/21 11:0 p.m., 25 views

CVE-2009-1358

apt-get in apt before 0.7.21 does not check for the correct error code from gpgv, which causes apt to treat a repository as valid even when it has been signed with a key that has been revoked or expired, which might allow remote attackers to trick apt into installing malicious repositories...

AI score: 6.5, EPSS: 0.01368
Exploits: 0, References: 9
RedHat Linux
added 2009/01/15 9:50 a.m., 1 views

Moderate: Red Hat Security Advisory: rhpki security and bug fix update

Updated pkisetup, rhpki-common, rhpki-ca, rhpki-kra, rhpki-ocsp, rhpki-tks, and rhpki-tps and rhpki-util for Solaris 9 packages that fix various security issues and several bugs are now available for Red Hat Certificate System 7.2. This update has been rated as having moderate security impact by...

CVSS: 2.1, AI score: 5.7, EPSS: 0.00034
Exploits: 0, References: 3