Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2018/03/12 12:0 a.m.28 views

Solaris 10 (x86) : 139501-02

SunOS 5.10x86: openssl patch. Date this patch was last updated by Sun : Feb/24/09 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

7.5CVSS7.9AI score0.05146EPSS
Exploits6References12
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.26 views

Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : ntp vulnerability (USN-705-1)

It was discovered that NTP did not properly perform signature verification. A remote attacker could exploit this to bypass certificate validation via a malformed SSL/TLS signature. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security...

7.5CVSS7.4AI score0.05146EPSS
Exploits6References12
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.36 views

Solaris 10 (x86) : 139501-02

SunOS 5.10x86: openssl patch. Date this patch was last updated by Sun : Feb/24/09 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24. C Tenable Network Security, Inc. if ! definedfunc"bnrando...

7.5CVSS7.9AI score0.05146EPSS
Exploits6References12
Cvelist
Cvelist
added 2009/01/07 6:0 p.m.24 views

CVE-2009-0047

Gale 0.99 and earlier does not properly check the return value from the OpenSSL EVPVerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077...

7.2AI score0.01181EPSS
Exploits0References3
CVE
CVE
added 2009/01/07 6:0 p.m.64 views

CVE-2009-0047

CVE-2009-0047 affects Gale 0.99 and earlier due to improper checking of the OpenSSL EVP_VerifyFinal return value, allowing a remote attacker to bypass certificate-chain validation via a malformed SSL/TLS signature for DSA/ECDSA keys. The root cause is the same class of issue described in CVE-2008...

5CVSS7.6AI score0.01181EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder