Lucene search
K

98 matches found

NVD
NVD
added 2014/04/26 1:55 a.m.21 views

CVE-2014-0350

The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wildcard domain name in an X.509 certificate...

6.4CVSS6AI score0.01218EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2014/04/26 1:55 a.m.25 views

CVE-2014-0350

The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wildcard domain name in an X.509 certificate...

6.4CVSS6.6AI score0.01218EPSS
Exploits0References3
Prion
Prion
added 2014/04/26 1:55 a.m.17 views

Code injection

The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wildcard domain name in an X.509 certificate...

6.4CVSS6.7AI score0.01218EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2014/04/26 1:0 a.m.16 views

CVE-2014-0350

The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wildcard domain name in an X.509 certificate...

6.4CVSS6AI score0.01218EPSS
Exploits0
CVE
CVE
added 2014/04/26 1:0 a.m.59 views

CVE-2014-0350

The CVE concerns POCO C++ Libraries’ NetSSL X509Certificate::verify in Poco::Net, vulnerable before 1.4.6p4 to MITM via crafted DNS PTRs during server-name wildcard comparison. Affected product: POCO’s NetSSL in POCO C++ Libraries; root cause: weak validation of X.509 CN/SAN matching against wild...

6.4CVSS6AI score0.01218EPSS
Exploits0References4Affected Software1
CERT
CERT
added 2014/04/24 12:0 a.m.90 views

POCO C++ Libraries NetSSL library fails to properly validate wildcard certificates

Overview The POCO C++ Libraries NetSSL library fails to properly validate wildcard certificates, allowing an attacker to trick the victim application into trusting a malicious certificate. Description CWE-350: Reliance on Reverse DNS Resolution for a Security-Critical Action Guenter Obiltschnig o...

6.4CVSS6.1AI score0.01218EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2013/10/10 12:0 a.m.33 views

Oracle Linux 5 : glibc (ELSA-2013-1411)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-1411 advisory. 2.5-118.2 - Fix integer overflows in valloc and memalign. 1011804. 2.5-118.1 - Add support for newer L3 caches on x86-64 and correctly count the number of...

4.3CVSS7.6AI score0.02607EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2013/04/25 12:0 a.m.30 views

RedHat Update for glibc RHSA-2013:0769-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS8.1AI score0.04113EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.42 views

Scientific Linux Security Update : glibc on SL5.x,SL6.x i386/x86_64

The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly. The fix for CVE-2010-3847 introduced a regression in the way th...

6.9CVSS7.4AI score0.14323EPSS
Exploits22References5
OpenVAS
OpenVAS
added 2012/07/30 12:0 a.m.37 views

CentOS Update for glibc CESA-2012:0058 centos6

Check for the Version of glibc OpenVAS Vulnerability Test CentOS Update for glibc CESA-2012:0058 centos6 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.8CVSS8.6AI score0.08073EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2012/07/09 12:0 a.m.37 views

RedHat Update for glibc RHSA-2011:1526-03

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.9CVSS8.7AI score0.00543EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2012/02/21 12:0 a.m.47 views

RedHat Update for glibc RHSA-2012:0125-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

7.2CVSS8.4AI score0.14323EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2012/02/21 12:0 a.m.37 views

RedHat Update for glibc RHSA-2012:0126-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.9CVSS8.8AI score0.08073EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2012/01/24 9:5 p.m.49 views

Moderate: Red Hat Security Advisory: glibc security and bug fix update

Updated glibc packages that fix two security issues and three bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

6.8CVSS7.5AI score0.08073EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2011/04/15 12:0 a.m.69 views

CentOS 5 : glibc (CESA-2011:0412)

Updated glibc packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

7.2CVSS7.5AI score0.14323EPSS
Exploits24References9
Tenable Nessus
Tenable Nessus
added 2010/11/24 12:0 a.m.39 views

CentOS 5 : glibc (CESA-2010:0787)

Updated glibc packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

6.9CVSS8AI score0.08747EPSS
Exploits20References3
OpenVAS
OpenVAS
added 2009/02/17 12:0 a.m.27 views

Fedora Update for boost FEDORA-2008-0754

Check for the Version of boost OpenVAS Vulnerability Test Fedora Update for boost FEDORA-2008-0754 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

5CVSS6.3AI score0.02686EPSS
Exploits1References2
Cent OS
Cent OS
added 2005/05/18 6:1 p.m.366 views

glibc, nptl, nscd security update

CentOS Errata and Security Advisory CESA-2005:256 Updated glibc packages that address several bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The GNU libc packages known as glibc contain the standard C libraries used by...

2.1CVSS5.8AI score0.00364EPSS
Exploits0References9
Rows per page
Query Builder