98 matches found
CVE-2014-0350
The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wildcard domain name in an X.509 certificate...
CVE-2014-0350
The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wildcard domain name in an X.509 certificate...
Code injection
The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wildcard domain name in an X.509 certificate...
CVE-2014-0350
The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wildcard domain name in an X.509 certificate...
CVE-2014-0350
The CVE concerns POCO C++ Libraries’ NetSSL X509Certificate::verify in Poco::Net, vulnerable before 1.4.6p4 to MITM via crafted DNS PTRs during server-name wildcard comparison. Affected product: POCO’s NetSSL in POCO C++ Libraries; root cause: weak validation of X.509 CN/SAN matching against wild...
POCO C++ Libraries NetSSL library fails to properly validate wildcard certificates
Overview The POCO C++ Libraries NetSSL library fails to properly validate wildcard certificates, allowing an attacker to trick the victim application into trusting a malicious certificate. Description CWE-350: Reliance on Reverse DNS Resolution for a Security-Critical Action Guenter Obiltschnig o...
Oracle Linux 5 : glibc (ELSA-2013-1411)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-1411 advisory. 2.5-118.2 - Fix integer overflows in valloc and memalign. 1011804. 2.5-118.1 - Add support for newer L3 caches on x86-64 and correctly count the number of...
RedHat Update for glibc RHSA-2013:0769-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : glibc on SL5.x,SL6.x i386/x86_64
The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly. The fix for CVE-2010-3847 introduced a regression in the way th...
CentOS Update for glibc CESA-2012:0058 centos6
Check for the Version of glibc OpenVAS Vulnerability Test CentOS Update for glibc CESA-2012:0058 centos6 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
RedHat Update for glibc RHSA-2011:1526-03
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
RedHat Update for glibc RHSA-2012:0125-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
RedHat Update for glibc RHSA-2012:0126-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Moderate: Red Hat Security Advisory: glibc security and bug fix update
Updated glibc packages that fix two security issues and three bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
CentOS 5 : glibc (CESA-2011:0412)
Updated glibc packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
CentOS 5 : glibc (CESA-2010:0787)
Updated glibc packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Fedora Update for boost FEDORA-2008-0754
Check for the Version of boost OpenVAS Vulnerability Test Fedora Update for boost FEDORA-2008-0754 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
glibc, nptl, nscd security update
CentOS Errata and Security Advisory CESA-2005:256 Updated glibc packages that address several bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The GNU libc packages known as glibc contain the standard C libraries used by...