5 matches found
Solaris 10 (x86) : 139501-02
SunOS 5.10x86: openssl patch. Date this patch was last updated by Sun : Feb/24/09 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : ntp vulnerability (USN-705-1)
It was discovered that NTP did not properly perform signature verification. A remote attacker could exploit this to bypass certificate validation via a malformed SSL/TLS signature. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security...
Solaris 10 (x86) : 139501-02
SunOS 5.10x86: openssl patch. Date this patch was last updated by Sun : Feb/24/09 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24. C Tenable Network Security, Inc. if ! definedfunc"bnrando...
CVE-2009-0047
Gale 0.99 and earlier does not properly check the return value from the OpenSSL EVPVerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077...
CVE-2009-0047
CVE-2009-0047 affects Gale 0.99 and earlier due to improper checking of the OpenSSL EVP_VerifyFinal return value, allowing a remote attacker to bypass certificate-chain validation via a malformed SSL/TLS signature for DSA/ECDSA keys. The root cause is the same class of issue described in CVE-2008...