957 matches found

securityvulns
added 2007/11/20 12:0 a.m. | 26 views

Firefox / Konqueror / Safari certificate spoofing

The link between the certificate and the web site is not set if a certificate from an unknown certification authority is manually approved, making it possible to use the same certificate for a different site without warning...

AI score: 2.5
Exploits: 0 | References: 3 | Affected Software: 3
securityvulns
added 2007/10/02 12:0 a.m. | 33 views

CheckPoint Secure Platform Multiple Buffer Overflows

Hi all, we have published a paper about CheckPoint Firewall-1 vulnerabilities. The platform tested is the Secure Platform R60. We have found many buffer overflows. Most of them are located in command line utilities that can be exploited locally. A very few of them maybe can be exploited remotely,...

AI score: 7.9
Exploits: 0
securityvulns
added 2006/05/17 12:0 a.m. | 53 views

ScanAlert Security Advisory

ScanAlert Security Advisory http://www.scanalert.com Caucho Resin Multiple Vulnerabilities - Arbitrary File Access & Information Disclosure Date: 5/16/06 Vendor: Caucho Package: Resin Version: 3.0.17 and 3.0.18 – Vendor Confirmed Credit: ScanAlert’s Security and Enterprise Services Teams. Risk:...

AI score: 0.5
Exploits: 0
securityvulns
added 2006/05/17 12:0 a.m. | 28 views

[Full-disclosure] What's Up Professional Spoofing Authentication Bypass

What's Up Professional 2006 is vulnerable to a spoofing attack whereby the attacker can trick the application into thinking he/she is making a request from the console which is considered trusted. This attack will allow the attacker to bypass the authentication mechanism of the application and...

AI score: 1
Exploits: 0
securityvulns
added 2005/11/18 12:0 a.m. | 32 views

[SA17619] yaSSL Unspecified Certification Chain Processing Vulnerability

TITLE: yaSSL Unspecified Certification Chain Processing Vulnerability SECUNIA ADVISORY ID: SA17619 VERIFY ADVISORY: http://secunia.com/advisories/17619/ CRITICAL: Moderately critical IMPACT: Unknown WHERE: From remote SOFTWARE: yaSSL Library 1.x http://secunia.com/product/6145/ DESCRIPTION: A...

AI score: 0.5
Exploits: 0
RedHat Linux
added 2005/10/05 11:49 a.m. | 29 views

Low: Red Hat Security Advisory: vixie-cron security update

An updated vixie-cron package that fixes various bugs and a security issue is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The vixie-cron package contains the Vixie version of cron. Cron is a standard UNIX daemon that runs specifie...

CVSS: 2.1 | AI score: 5.9 | EPSS: 0.00539
Exploits: 1 | References: 10
securityvulns
added 2004/11/03 12:0 a.m. | 30 views

Cisco Secure ACS protection bypass

If EAP-TLS is used, the validity of the certification agency is not checked...

AI score: 2.2
Exploits: 0 | References: 1 | Affected Software: 1
FreeBSD
added 2004/07/25 12:0 a.m. | 58 views

Mozilla certificate spoofing

Mozilla and Mozilla Firefox contain a flaw that may allow a malicious user to spoof SSL certification...

CVSS: 5 | AI score: 6.3 | EPSS: 0.05736
Exploits: 0 | References: 5
securityvulns
added 2003/09/09 12:0 a.m. | 24 views

Re: BAD NEWS: Microsoft Security Bulletin MS03-032

The patch for Drew's object data=funky.hta doesn't work: This is the exact same issue as http://greymagic.com/adv/gm001-ie/, which explains the problem in detail. Microsoft again patches the object element in HTML, but it doesn't patch the dynamic version of that same element. 1. Disable Active...

AI score: 0.1
Exploits: 0
securityvulns
added 2002/12/28 12:0 a.m. | 34 views

Full Disclosure: Windows File Protection Arbitrary Certificate Chain Vulnerability

SECURITY ALERT Windows File Protection Arbitrary Certificate Chain Vulnerability December 26, 2002 Full Disclosure, [email protected] and others December 24, 2002 Private Disclosure Jason Coombs [email protected]...

AI score: 0.1
Exploits: 0
canvas
added 2002/07/03 4:0 a.m. | 159 views

Immunity Canvas: APACHECHUNK_WIN32

Name: apachechunkwin32
CVE: CVE-2002-0392
Exploit Pack: CANVAS
Description: Apache Chunk win32
Notes: References: http://www.apache.org CVE Name: CVE-2002-0392 VENDOR: Apache Notes: Apache 1.3 through 1.3.24 Repeatability: Multiple tries Date public: 06/17/2002 CERT Advisory:...

CVSS: 7.5 | AI score: 6.3 | EPSS: 0.95027
Exploits: 8
CERT
added 2001/09/19 12:0 a.m. | 25 views

IE fails to check certificates properly if initial SSL connection originates in an IFRAME or Image

Overview Several flaws exist in Microsoft Internet Explorer that could allow an attacker to masquerade as a legitimate web site if the attacker can compromise the validity of certain DNS information. These problems are different from the problems reported in CERT Advisory CA-2000-05 and CERT...

CVSS: 2.6 | AI score: 6 | EPSS: 0.04835
Exploits: 0 | References: 1
securityvulns
added 2000/09/19 12:0 a.m. | 54 views

Linux news 19.09.00

Linux 2.2.18pre9 Alan Cox has released a new pre-release of the next stable Linux kernel: 2.2.18pre9. This version fixes NFS support and adds NFSv3 support, brings over some USB drivers from Linux 2.4, and more. Details:...

AI score: 7.1
Exploits: 0
securityvulns
added 2000/04/03 12:0 a.m. | 39 views

<Kaspersky Anti-Virus> receives the Trojan Checkmark certificate

No description provided...

AI score: 1.1
Exploits: 0 | References: 1
Packet Storm
added 1999/08/17 12:0 a.m. | 62 views

icsa.certified.weak.crypto.txt

Date: Thu, 27 May 1999 00:24:26 -0700 From: Lucky Green To: [email protected] Subject: ICSA certifies weak crypto as secure I am becoming concerned about the apparent lack of professional competence within even well-known segments of the security community. I hope the incident I discovered is ...

AI score: 7.4
Exploits: 0
Redos
added 1976/01/01 12:0 a.m. | 2 views

ROS-2-3469

2.3469 Notification on the update of the Red OS OPERATIONAL SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...

AI score: 5.8
Exploits: 0
Redos
added 1976/01/01 12:0 a.m. | 7 views

ROS-2-4247

2.4247 Notification on the update of the Red OS OPERATIONAL SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...

AI score: 5.8
Exploits: 0