9 matches found
K15578: MD5 Message-Digest Algorithm vulnerability CVE-2004-2761
Security Advisory Description The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate. CVE-2004-2761 Impact A...
GHSA-M5M3-46GJ-WCH8 SIF's Digital Signature Hash Algorithms Not Validated
Impact The github.com/sylabs/sif/v2/pkg/integrity package does not verify that the hash algorithms used are cryptographically secure when verifying digital signatures. Patches A patch is available in version = v2.8.1 of the module. Users are encouraged to upgrade. The patch is commit...
SIF's Digital Signature Hash Algorithms Not Validated
Impact The github.com/sylabs/sif/v2/pkg/integrity package does not verify that the hash algorithms used are cryptographically secure when verifying digital signatures. Patches A patch is available in version = v2.8.1 of the module. Users are encouraged to upgrade. The patch is commit...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-2761. Reason: This candidate is subsumed by CVE-2004-2761. Notes: All CVE users should reference CVE-2004-2761 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accident...
Ubuntu USN-737-1 (libsoup)
The remote host is missing an update to libsoup announced via advisory USN-737-1. OpenVAS Vulnerability Test $Id: ubuntu7371.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7371.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-737-1 libsoup Authors: Thomas...
Fedora Core 10 FEDORA-2009-1291 (nss)
The remote host is missing an update to nss announced via advisory FEDORA-2009-1291. OpenVAS Vulnerability Test $Id: fcore20091291.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-1291 nss Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Fedora Core 9 FEDORA-2009-1276 (nss)
The remote host is missing an update to nss announced via advisory FEDORA-2009-1276. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Fedora Core 9 FEDORA-2009-1276 (nss)
The remote host is missing an update to nss announced via advisory FEDORA-2009-1276. OpenVAS Vulnerability Test $Id: fcore20091276.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-1276 nss Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Fedora 9 : nss-3.12.2.0-2.fc9 (2009-1276)
This updates adds protection against rogue CA that was generated as a proof-of- concept of the MD5 collision attacks against X509 signatures: http://www.win.tue.nl/hashclash/rogue-ca/ , related to CVE-2004-2761. Note that Tenable Network Security has extracted the preceding description block...