Mandriva Update for kdelibs4 MDVSA-2011:071 (kdelibs4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVE-2011-1094

kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a certificate issued by a legitimate...

EC-Council Launches Center of Advanced Security Training (CAST) !

EC-Council Launches Center for Advanced Security Training CAST to Address the Growing Need for Advanced Information Security Knowledge Mar 9, 2011, Albuquerque, NM - According to the report, Commission on Cybersecurity for the 44th President, released in November 2010 by Center for Strategic and...

Ethical hacker (CEH) training now in syllabus of Riphah International University,Pakistan !

Islamabad: The first-ever 'Ethical Hacking and Countermeasures CEH' training course organised by the Riphah International University, in collaboration with internationally renowned information security certification body, EC-Council, concluded here on Wednesday. Riphah International University is...

DEBIAN-CVE-2011-0539

The keycertify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct...

Mandriva Update for nss MDVA-2010:241 (nss)

Check for the Version of nss OpenVAS Vulnerability Test Mandriva Update for nss MDVA-2010:241 nss Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

India Orders Security Certification for Government Websites After CBI Hack

India has mandated that all government ministries and departments secure their websites with proper certification. This directive follows the hacking of the Central Bureau of Investigation CBI website by a group calling themselves the "Pakistani Cyber Army." The National Informatics Centre has be...

7) Reputation matters – check it!

When you walk into a doctor’s office, you like to see those frames hanging, right? The degrees from the prestigious medical school and certificates of completion from a reputable hospital residency program? The license from your state’s Board of Registration in Medicine, maybe? They don’t mean yo...

Debian Security Advisory DSA 2123-1 (nss)

The remote host is missing an update to nss announced via advisory DSA 2123-1. OpenVAS Vulnerability Test $Id: deb21231.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2123-1 nss Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...

CVE-2010-1378

OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, which allows remote attackers to bypass X.509 certificate authentication via an arbitrary certificate issued by a legitimate Certification Authority...

CVE-2010-1378

OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, which allows remote attackers to bypass X.509 certificate authentication via an arbitrary certificate issued by a legitimate Certification Authority...

BSA-009 Security Update for nss

Alexander Reichle-Schmehl uploaded new packages for nss which fixed the following security problems: CVE-2010-3170 NSS recognizes a wildcard IP address in the subjects Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a...

Design/Logic Flaw

Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL serve...

CVE-2010-3170

Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL serve...

New Certifications Will Set High Bar for IT Security Pros

A new non-profit group is developing certifications for information technology security professionals that will set a high bar for IT security practitioners in areas like penetration testing, code auditing and control systems operation. The National Board of Information Security Examiners NBISE i...

Mandriva Linux Security Advisory : kdelibs4 (MDVSA-2010:027)

Multiple vulnerabilities was discovered and corrected in kdelibs4 : KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a '' NUL character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL...

Design/Logic Flaw

istream.c in w3m 0.5.2 and possibly other versions, when sslverifyserver is enabled, does not properly handle a '\0' character in a domain name in the 1 subject's Common Name or 2 Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary S...

CVE-2010-1192

libESMTP, probably 1.0.4 and earlier, does not properly handle a '\0' character in a domain name in the subject's Common Name CN field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification...

Design/Logic Flaw

libESMTP, probably 1.0.4 and earlier, does not properly handle a '\0' character in a domain name in the subject's Common Name CN field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification...

CVE-2010-1192

libESMTP, probably 1.0.4 and earlier, does not properly handle a '\0' character in a domain name in the subject's Common Name CN field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification...