Lucene search
K

4 matches found

OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.23 views

Gentoo Security Advisory GLSA 200803-30 (ssl-cert.eclass)

The remote host is missing updates announced in advisory GLSA 200803-30. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

1.9CVSS0.3AI score0.00212EPSS
Exploits1
seebug.org
seebug.org
added 2008/03/22 12:0 a.m.33 views

Gentoo ssl-cert eclass信息泄露漏洞

BUGTRAQ ID: 28350 CVECAN ID: CVE-2008-1383 Gentoo Linux是一套通用的、快捷的、完全免费的Linux版本,面向开发人员和专业网络人员。 Gentoo Linux的ssl-cert.eclass实现上存在漏洞,本地攻击者可能利用此漏洞非授权获取信息。...

1.9CVSS6.4AI score0.00212EPSS
Exploits1
Cvelist
Cvelist
added 2008/03/18 10:0 p.m.22 views

CVE-2008-1383

The docert function in ssl-cert.eclass, when used by srccompile or srcinstall on Gentoo Linux, stores the SSL key in a binpkg, which allows local users to extract the key from the binpkg, and causes multiple systems that use this binpkg to have the same SSL key and certificate...

6.1AI score0.00212EPSS
Exploits1References6
CVE
CVE
added 2008/03/18 10:0 p.m.63 views

CVE-2008-1383

CVE-2008-1383 describes a local-privilege disclosure in Gentoo’s ssl-cert.eclass: the docert() function, when invoked during src_compile/src_install, can cause the generated SSL private key to be stored inside pre-built binary packages (binpkgs). This allows a local user to extract the key from b...

1.9CVSS6AI score0.00212EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder