23 matches found
EUVD-2000-0540
Malware in sbrugna...
PT-2022-23721 · Ivanti · Ivanti Avalanche
Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche version 6.3.2.3490 Description: This issue allows remote attackers to execute arbitrary code on affected installations. Although authentication is required to exploit this issue, the existing authentication mechanism can be...
The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird stem from insufficient validation of input data, allowing attackers to forge updates for add-ons.
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to forge updates to extensions by using the X-certificate server from addons.mozilla.org, signed by a...
Important: Red Hat Security Advisory: jss security update
An update for jss is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
jss security update
CentOS Errata and Security Advisory CESA-2019:3067 An update for jss is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Red Hat Certificate Server Input Validation Vulnerability Vulnerability
Red Hat Certificate Server is an enterprise software system that provides an extensible security framework for establishing and maintaining trusted identities and keeping communications private. An input validation vulnerability vulnerability exists in Red Hat Certificate Server. Remotely...
NetIQ Access Manager Remote Code Execution Vulnerability
NetIQ Access Manager provides a simple, secure, and scalable solution to handle all your Web access needs. A remote code execution vulnerability exists in NetIQ Access Manager. The vulnerability is caused due to the iManager Certificate Server Management module allowing administrators to create...
Design/Logic Flaw
Red Hat PKI Common Framework rhpki-common in Red Hat Certificate System aka Certificate Server or RHCS 7.1 through 7.3, and Netscape Certificate Management System 6.x, does not recognize Certificate Authority profile constraints on Extensions, which might allow remote attackers to bypass intended...
CVE-2008-1676
Red Hat PKI Common Framework rhpki-common in Red Hat Certificate System aka Certificate Server or RHCS 7.1 through 7.3, and Netscape Certificate Management System 6.x, does not recognize Certificate Authority profile constraints on Extensions, which might allow remote attackers to bypass intended...
CVE-2008-1676
The CVE-2008-1676 issue concerns Red Hat Certificate System’s PKI Common Framework (rhpki-common) used by RHCS and Netscape Certificate Management System. The root cause is that certificate signing request (CSR) processing did not honor Certificate Authority profile constraints on Extensions, ena...
Design/Logic Flaw
Certificate Server 7.2 in Red Hat Certificate System RHCS does not properly handle new revocations that occur while a Certificate Revocation List CRL is being generated, which might prevent certain revoked certificates from appearing on the CRL quickly and allow users with revoked certificates to...
CVE-2007-4994
Certificate Server 7.2 in Red Hat Certificate System RHCS does not properly handle new revocations that occur while a Certificate Revocation List CRL is being generated, which might prevent certain revoked certificates from appearing on the CRL quickly and allow users with revoked certificates to...
CVE-2007-4994
CVE-2007-4994 affects Red Hat Certificate System (RHCS) where new revocations generated during CRL creation could cause revoked certificates to be omitted from the CRL, enabling a bypass of revocation for some certificates. Supported by Red Hat advisories (RHSA-2007:0934; RHSA-2008:0566) and rela...
CVE-2007-4994
Certificate Server 7.2 in Red Hat Certificate System RHCS does not properly handle new revocations that occur while a Certificate Revocation List CRL is being generated, which might prevent certain revoked certificates from appearing on the CRL quickly and allow users with revoked certificates to...
High Risk Vulnerability in Red Hat Directory Server and Red Hat Certificate Server
Peter Winter-Smith of NGSSoftware has discovered a high risk vulnerability in Red Hat Directory Server and Red Hat Certificate Server. It is possible that under certain circumstances these flaws could permit an unauthenticated attacker to remotely compromise the Directory or Certificate server, i...
Red Hat Certificate Server / Directory server buffer overflow
No description provided...
NAI PGP Cert Server DoS
It was possible to make the remote PGP Cert Server crash by spoofing a TCP connection that seems to come from an unresolvable IP address. OpenVAS Vulnerability Test $Id: PGPCertDoS.nasl 6040 2017-04-27 09:02:38Z teissa $ NAI PGP Cert Server DoS Authors: John Lampe [email protected] Changes by ...
CVE-2005-3269
Stack-based buffer overflow in help.cgi in the HTTP administrative interface for 1 Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, 2 Red Hat Directory Server and 3 Certificate Server before 7.1 SP1, 4 Sun ONE Directory Server 5.1 SP4 and earlier, and 5 Sun ONE Administration Serv...
CVE-2005-3269
Stack-based buffer overflow in help.cgi in the HTTP administrative interface for 1 Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, 2 Red Hat Directory Server and 3 Certificate Server before 7.1 SP1, 4 Sun ONE Directory Server 5.1 SP4 and earlier, and 5 Sun ONE Administration Serv...
CVE-2000-0543
The command port for PGP Certificate Server 2.5.0 and 2.5.1 allows remote attackers to cause a denial of service if their hostname does not have a reverse DNS entry and they connect to port 4000...