12 matches found
CVE-2026-59692
GStreamer DTLS plugin exposes a stack buffer overflow during DTLS handshake when formatting the peer certificate Subject DN into a fixed 2048-byte stack buffer without bounds checks. A remote unauthenticated attacker can supply an oversized Subject DN to trigger the overflow, causing a crash and ...
PT-2026-29126
Name of the Vulnerable Software and Affected Versions Botan versions prior to 3.11.0 Description Botan is a C++ cryptography library. When processing X.509 certificate paths with DNS name constraints, a case-sensitive comparison of the Common Name CN allowed a certificate to bypass restrictions...
Bouncy Castle 信任管理问题漏洞
Bouncy Castle is a collection of APIs used in cryptography organized by Bouncy Castle. It includes APIs for the Java and C programming languages. A security vulnerability exists in Bouncy Castle For Java versions prior to 1.74, which stems from an LDAP injection vulnerability due to a failure to...
SUSE CVE-2004-0488
Stack-based buffer overflow in the sslutiluuencodebinary function in sslutil.c for Apache modssl, when modssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN...
DEBIAN-CVE-2013-4111
The Python client library for Glance python-glanceclient before 0.10.0 does not properly check the preverifyok value, which prevents the server hostname from being verified with a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate and allows...
jakarta-commons-httpclient: missing connection hostname check against X.509 certificate name
It was found that Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service FPS merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows...
jakarta-commons-httpclient: missing connection hostname check against X.509 certificate name
It was found that Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service FPS merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows...
PT-2012-6131 · Filesanywhere · Filesanywhere
Name of the Vulnerable Software and Affected Versions: FilesAnywhere affected versions not specified Description: The issue arises from FilesAnywhere not verifying that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate. This...
DEBIAN-CVE-2010-1155
Irssi before 0.8.15, when SSL is used, does not verify that the server hostname matches a domain name in the subject's Common Name CN field or a Subject Alternative Name field of the X.509 certificate, which allows man-in-the-middle attackers to spoof IRC servers via an arbitrary certificate...
Fedora Core 11 FEDORA-2009-8815 (neon)
The remote host is missing an update to neon announced via advisory FEDORA-2009-8815. OpenVAS Vulnerability Test $Id: fcore20098815.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-8815 neon Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...
DEBIAN-CVE-2009-2404
Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services NSS before 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant Messenger AIM, allows remote SSL servers to cause a denial of service application crash or possibly...
DEBIAN-CVE-2009-2408
Mozilla Network Security Services NSS before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name CN field of an X.509 certificate, which allows man-in-the-middle attackers to...