126 matches found
Improper Certificate Validation in Apache Airflow
The LDAP auth backend airflow.contrib.auth.backends.ldapauth prior to Apache Airflow 1.10.1 was misconfigured and contained improper checking of exceptions which disabled server certificate checking...
CVE-2018-20245
The LDAP auth backend airflow.contrib.auth.backends.ldapauth prior to Apache Airflow 1.10.1 was misconfigured and contained improper checking of exceptions which disabled server certificate checking...
Input validation
The LDAP auth backend airflow.contrib.auth.backends.ldapauth prior to Apache Airflow 1.10.1 was misconfigured and contained improper checking of exceptions which disabled server certificate checking...
DEBIAN-CVE-2018-1000140
rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appear to be exploitable a remote attacker that can connect to rsyslog and trigger a stack buffer overflow by...
Debian: Security Advisory (DLA-1107-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Droidefense - Advance Android Malware Analysis Framework
Droidefense originally named atom: a nalysis t hrough o bservation m achine is the codename for android apps/malware analysis/reversing tool. It was built focused on security issues and tricks that malware researcher have on they every day work. For those situations on where the malware has...
[SECURITY] [DLA 1107-1] bzr security update
Package : bzr Version : 2.6.0bzr6526-1+deb7u1 CVE ID : CVE-2013-2099 CVE-2017-14176 Debian Bug : 709068 874429 CVE-2013-2099 Bazaar bundles SSL certificate checking code from Python, which had a bug that could cause a denial of service via resource consumption through multiple wildcards in...
openSUSE Security Update : gnome-online-accounts (openSUSE-SU-2013:0301-1)
gnome-online-accounts was updated to do SSL certicicate checking when creating accounts, avoiding man-in-the-middle attack possibilities. CVE-2013--240 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...
Design/Logic Flaw
The certTestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services NSS before 3.16 accepts a wildcard character that is embedded in an internationalized domain name's U-label, which might allow man-in-the-middle attackers to spoof...
Certificates are not checked with a Default installation of StrTreeWin
Message during HG checkin: warning: bitbucket.org certificate with fingerprint 24:9c:45:8b:9c:aa:ba:55:4e:01:6d:58:ff:e4:28:7d:2a:14:ae:3b not verified check hostfingerprints or web.cacerts config setting This is a default install, and such an install should have security configured correctly out...
GLSA-201203-24 : Chromium, V8: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201203-24 Chromium, V8: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. Impact : A context-dependent...
Google Chrome < 18.0.1025.142 Multiple Vulnerabilities
Binary data 6402.pasl...
Google Chrome < 18.0.1025.142 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is earlier than 18.0.1025.142 and is, therefore, affected by the following vulnerabilities : - An error exists in the v8 JavaScript engine that can allow invalid reads. CVE-2011-3057 - An unspecified error exists related to bad interaction...
CentOS Update for fetchmail CESA-2009:1427 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS Update for fetchmail CESA-2009:1427 centos5 i386
Check for the Version of fetchmail OpenVAS Vulnerability Test CentOS Update for fetchmail CESA-2009:1427 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...
openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-1)
This update fixes several security issues in mysql : - checking server certificates CVE-2009-4028 - error handling in subqueries CVE-2009-4019 - preserving nullvalue flag in GeomFromWKB CVE-2009-4019 - symlink behavior fixed CVE-2008-7247 - symlink behavior refixed CVE-2009-4030 %NASLMINLEVEL 703...
openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-1)
This update fixes several security issues in mysql : - checking server certificates CVE-2009-4028 - error handling in subqueries CVE-2009-4019 - preserving nullvalue flag in GeomFromWKB CVE-2009-4019 - symlink behavior fixed CVE-2008-7247 - symlink behavior refixed CVE-2009-4030 %NASLMINLEVEL 703...
RedHat Security Advisory RHSA-2009:1427
The remote host is missing updates announced in advisory RHSA-2009:1427. Fetchmail is a remote mail retrieval and forwarding utility intended for use over on-demand TCP/IP links, such as SLIP and PPP connections. It was discovered that fetchmail is affected by the previously published null prefix...
RHEL 3 / 4 / 5 : fetchmail (RHSA-2009:1427)
An updated fetchmail package that fixes multiple security issues is now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Fetchmail is a remote mail retrieval and forwarding utility intended for...
fetchmail security update
CentOS Errata and Security Advisory CESA-2009:1427 An updated fetchmail package that fixes multiple security issues is now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Fetchmail is a remote...