Lucene search
K

74 matches found

RedHat Linux
RedHat Linux
added 2015/10/22 6:34 p.m.8 views

OpenJDK: CRL checking flaw (Libraries, 8081744)

Unspecified vulnerability in Oracle Java SE 8u60 and Java SE Embedded 8u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries...

7.6CVSS7.2AI score0.0538EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2015/10/21 9:7 p.m.7 views

OpenJDK: CRL checking flaw (Libraries, 8081744)

Unspecified vulnerability in Oracle Java SE 8u60 and Java SE Embedded 8u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries...

7.6CVSS7.2AI score0.0538EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2014/10/12 12:0 a.m.31 views

Amazon Linux AMI : openssl (ALAS-2011-4)

An uninitialized variable use flaw was found in OpenSSL. This flaw could cause an application using the OpenSSL Certificate Revocation List CRL checking functionality to incorrectly accept a CRL that has a nextUpdate date in the past. All OpenSSL users should upgrade to these updated packages,...

5CVSS7.2AI score0.05012EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.42 views

Scientific Linux Security Update : openssl on SL6.x i386/x86_64

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols, as well as a full-strength, general purpose cryptography library. An uninitialized variable use flaw was found in OpenSSL. This flaw could cause an application using the OpenSSL...

5CVSS7.2AI score0.05012EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2011/10/26 4:6 p.m.47 views

Moderate: Red Hat Security Advisory: openssl security update

Updated openssl packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

5CVSS6.8AI score0.05012EPSS
Exploits0References2
Amazon
Amazon
added 2011/10/10 12:0 a.m.30 views

Medium: openssl

Issue Overview: An uninitialized variable use flaw was found in OpenSSL. This flaw could cause an application using the OpenSSL Certificate Revocation List CRL checking functionality to incorrectly accept a CRL that has a nextUpdate date in the past. All OpenSSL users should upgrade to these...

5CVSS8.1AI score0.05012EPSS
Exploits0
OpenSSL
OpenSSL
added 2011/09/06 12:0 a.m.46 views

Vulnerability in OpenSSL CVE-2011-3207

Under certain circumstances OpenSSL’s internal certificate verification routines can incorrectly accept a CRL whose nextUpdate field is in the past. Applications are only affected by the CRL checking vulnerability if they enable OpenSSL’s internal CRL checking which is off by default. Application...

8.4AI score0.05012EPSS
Exploits0Affected Software1
securityvulns
securityvulns
added 2011/07/04 12:0 a.m.99 views

About the security content of Mac OS X v10.6.8 and Security Update 2011-004

About the security content of Mac OS X v10.6.8 and Security Update 2011-004 Last Modified: June 23, 2011 Article: HT4723 Email this article Print this page Summary This document describes of Mac OS X v10.6.8 and Security Update 2011-004, which can be downloaded and installed via Software Update...

10CVSS0.3AI score0.35013EPSS
Exploits21
NVD
NVD
added 2011/06/24 8:55 p.m.18 views

CVE-2011-0199

The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation EV certificates that lack OCSP URLs, which might allow man-in-the-middle attackers to spoof an SSL server via a revoked certificate...

5.9CVSS5AI score0.00754EPSS
Exploits1References3
Prion
Prion
added 2011/06/24 8:55 p.m.17 views

Code injection

The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation EV certificates that lack OCSP URLs, which might allow man-in-the-middle attackers to spoof an SSL server via a revoked certificate...

5.8CVSS6.2AI score0.00754EPSS
Exploits1References3Affected Software2
Cvelist
Cvelist
added 2011/06/24 8:0 p.m.20 views

CVE-2011-0199

The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation EV certificates that lack OCSP URLs, which might allow man-in-the-middle attackers to spoof an SSL server via a revoked certificate...

5AI score0.00754EPSS
Exploits1References3
CVE
CVE
added 2011/06/24 8:0 p.m.50 views

CVE-2011-0199

CVE-2011-0199 affects Apple Mac OS X’s Certificate Trust Policy prior to 10.6.8. The issue is an EV certificate handling error where, if OCSP URLs are absent and CRL checking is enabled, CRL is not checked and a revoked EV certificate may be accepted, enabling MITM-style spoofing of SSL. Public d...

5.9CVSS4.9AI score0.00754EPSS
Exploits1References3Affected Software2
securityvulns
securityvulns
added 2007/06/28 12:0 a.m.40 views

Juniper SBR V 6.0.1 CRL-Checking problem

We tried to setup crl-checking on den sbr v 6.0.1 Steel Belted RADIUS. The URL socket is located on the RSA Authenticationsever V 6.7. Radius authentication via EAP TLS should not work because the SBR got a "CRL Fetch: HTTP socket connect failure from one of...

7.2AI score
Exploits0
CERT
CERT
added 2001/05/17 12:0 a.m.37 views

Internet Explorer incorrectly validates certificates when CRL checking is enabled

Overview Microsoft Internet Explorer IE fails to properly validate certificates when CRL checking is enabled. As a result, sensitive information may be exposed. Description Digital certificates are small documents used to authenticate and encrypt information transmitted over the Internet. One ver...

5.1CVSS5.8AI score0.05321EPSS
Exploits0References8
Rows per page
Query Builder