14 matches found
JLSEC-2026-220 The X.509 GeneralName type is a generic type for representing different types of names. One of...
The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERALNAMEcmp which compares different instances of a GENERALNAME to see if they are equal or not. This function behaves incorrect...
Exploit for Code Injection in Cisco Telepresence_Video_Communication_Server
I started looking at Cisco Expressway after I noticed quite a fe...
CVE-2023-28857
Apereo CAS is an open source multilingual single sign-on solution for the web. Apereo CAS can be configured to use authentication based on client X509 certificates. These certificates can be provided via TLS handshake or a special HTTP header, such as “sslclientcert”. When checking the validity o...
Authentication flaw
Apereo CAS is an open source multilingual single sign-on solution for the web. Apereo CAS can be configured to use authentication based on client X509 certificates. These certificates can be provided via TLS handshake or a special HTTP header, such as “sslclientcert”. When checking the validity o...
CVE-2023-28857 LDAP password leak in Apereo CAS - GHSL-2023-009
Apereo CAS is an open source multilingual single sign-on solution for the web. Apereo CAS can be configured to use authentication based on client X509 certificates. These certificates can be provided via TLS handshake or a special HTTP header, such as “sslclientcert”. When checking the validity o...
CVE-2023-28857 LDAP password leak in Apereo CAS - GHSL-2023-009
Apereo CAS is an open source multilingual single sign-on solution for the web. Apereo CAS can be configured to use authentication based on client X509 certificates. These certificates can be provided via TLS handshake or a special HTTP header, such as “sslclientcert”. When checking the validity o...
Ubuntu: Security Advisory (USN-5651-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Python -- NULL pointer dereference vulnerability
Python Changelog: bpo-35746: CVE-2019-5010 Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL distribution points with empty DP or URI correctly. A malicious or buggy certificate can result into segfault. Vulnerability TALOS-2018-0758 reported by Colin Read and Nicolas Ede...
Ubuntu: Security Advisory (USN-2727-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 15.04 : gnutls28 vulnerabilities (USN-2727-1)
It was discovered that GnuTLS incorrectly handled parsing CRL distribution points. A remote attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. CVE-2015-3308 Kurt Roeckx discovered that GnuTLS incorrectly handled a long DistinguishedName DN entry in a...
CVE-2011-1224
IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 does not use the CRL Distribution Points CDP certificate extension, which might allow man-in-the-middle attackers to spoof an SSL partner via a revoked certificate for a 1 client, 2 queue manager, or 3 application...
Code injection
IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 does not use the CRL Distribution Points CDP certificate extension, which might allow man-in-the-middle attackers to spoof an SSL partner via a revoked certificate for a 1 client, 2 queue manager, or 3 application...
CVE-2011-1224
IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 do not use the CRL Distribution Points (CDP) certificate extension, which might allow man-in-the-middle attackers to spoof an SSL partner via a revoked certificate for a (1) client, (2) queue manager, or (3) application. No further techn...
CVE-2011-1224
IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 does not use the CRL Distribution Points CDP certificate extension, which might allow man-in-the-middle attackers to spoof an SSL partner via a revoked certificate for a 1 client, 2 queue manager, or 3 application...