LibSSH Flaw Allows Hackers to Take Over Servers Without Password

A four-year-old severe vulnerability has been discovered in the Secure Shell SSH implementation library known as Libssh that could allow anyone to completely bypass authentication and gain unfettered administrative control over a vulnerable server without requiring a password. The security...

Design/Logic Flaw

axTLS version 1.5.3 has a coding error in the ASN.1 parser resulting in the year 1950 of UTCTime being misinterpreted as 2050...

CVE-2017-1000416

axTLS version 1.5.3 has a coding error in the ASN.1 parser resulting in the year 1950 of UTCTime being misinterpreted as 2050...

CVE-2017-1000416

Removed by vendor...

CVE-2017-1000416

axTLS version 1.5.3 has a coding error in the ASN.1 parser resulting in the year 1950 of UTCTime being misinterpreted as 2050...

CVE-2017-1000416

CVE-2017-1000416 concerns axTLS 1.5.3, where a coding error in the ASN.1 parser causes the UTCTime year (19)50 to be misinterpreted as 2050. The available sources describe the issue and its manifestation but do not specify affected products beyond axTLS 1.5.3, nor provide remediation steps or exp...

Debian DLA-1179-1 : shibboleth-sp2 security update

Rod Widdowson of Steading System Software LLP discovered a coding error in the 'Dynamic' metadata plugin of the Shibboleth Service Provider, causing the plugin to fail configuring itself with the filters provided and omitting whatever checks they are intended to perform. For Debian 7 'Wheezy',...

Debian DLA-1178-1 : opensaml2 security update

Rod Widdowson of Steading System Software LLP discovered a coding error in the OpenSAML library, causing the DynamicMetadataProvider class to fail configuring itself with the filters provided and omitting whatever checks they are intended to perform. For Debian 7 'Wheezy', these problems have bee...

[SECURITY] [DLA 1179-1] shibboleth-sp2 security update

Package : shibboleth-sp2 Version : 2.4.3+dfsg-5+deb7u2 CVE ID : CVE-2017-16852 Debian Bug : 881857 Rod Widdowson of Steading System Software LLP discovered a coding error in the "Dynamic" metadata plugin of the Shibboleth Service Provider, causing the plugin to fail configuring itself with the...

[SECURITY] [DLA 1178-1] opensaml2 security update

Package : opensaml2 Version : 2.4.3-4+deb7u2 CVE ID : CVE-2017-16853 Debian Bug : 881856 Rod Widdowson of Steading System Software LLP discovered a coding error in the OpenSAML library, causing the DynamicMetadataProvider class to fail configuring itself with the filters provided and omitting...

Debian DSA-4038-1 : shibboleth-sp2 - security update

Rod Widdowson of Steading System Software LLP discovered a coding error in the 'Dynamic' metadata plugin of the Shibboleth Service Provider, causing the plugin to fail configuring itself with the filters provided and omitting whatever checks they are intended to perform. See...

Debian DSA-4039-1 : opensaml2 - security update

Rod Widdowson of Steading System Software LLP discovered a coding error in the OpenSAML library, causing the DynamicMetadataProvider class to fail configuring itself with the filters provided and omitting whatever checks they are intended to perform. See...

[SECURITY] [DSA 4039-1] opensaml2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4039-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 16, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4039-1] opensaml2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4039-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 16, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4038-1] shibboleth-sp2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4038-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 16, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4038-1] shibboleth-sp2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4038-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 16, 2017 https://www.debian.org/security/faq -...

FreeBSD : shibboleth2-sp -- 'Dynamic' metadata provider plugin issue (b4b7ec7d-ca27-11e7-a12d-6cc21735f730)

The Internet2 community reports : The Shibboleth Service Provider software includes a MetadataProvider plugin with the plugin type 'Dynamic' to obtain metadata on demand from a query server, in place of the more typical mode of downloading aggregates separately containing all of the metadata to...

Debian: Security Advisory (DSA-4039-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-4038-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

shibboleth2-sp -- "Dynamic" metadata provider plugin issue

The Internet2 community reports: The Shibboleth Service Provider software includes a MetadataProvider plugin with the plugin type "Dynamic" to obtain metadata on demand from a query server, in place of the more typical mode of downloading aggregates separately containing all of the metadata to...