3 matches found
UBUNTU-CVE-2024-5991
In function MatchDomainName, input param str is treated as a NULL terminated string despite being user provided and unchecked. Specifically, the function X509checkhost takes in a pointer and length to check against, with no requirements that it be NULL terminated. If a caller was attempting to do...
OPENSUSE-SU-2020:0305-1 Security update for openfortivpn
This update for openfortivpn to version 1.12.0 fixes the following issues: - CVE-2020-7043: Fixed a TLS Certificate CommonName NULL Byte Vulnerability boo1165301. - CVE-2020-7042: Fixed use of uninitialized memory in X509checkhost boo1165300. - CVE-2020-7041: Fixed incorrect use of X509checkhost...
OPENSUSE-SU-2020:0301-1 Security update for openfortivpn
This update for openfortivpn to version 1.12.0 fixes the following issues: - CVE-2020-7043: Fixed a TLS Certificate CommonName NULL Byte Vulnerability boo1165301. - CVE-2020-7042: Fixed use of uninitialized memory in X509checkhost boo1165300. - CVE-2020-7041: Fixed incorrect use of X509checkhost...