5 matches found
Solaris 10 (x86) : 139501-02
SunOS 5.10x86: openssl patch. Date this patch was last updated by Sun : Feb/24/09 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Solaris 10 (x86) : 139501-02
SunOS 5.10x86: openssl patch. Date this patch was last updated by Sun : Feb/24/09 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24. C Tenable Network Security, Inc. if ! definedfunc"bnrando...
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : ntp vulnerability (USN-705-1)
It was discovered that NTP did not properly perform signature verification. A remote attacker could exploit this to bypass certificate validation via a malformed SSL/TLS signature. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security...
CVE-2009-0048
OpenEvidence 1.0.6 and earlier are affected by CVE-2009-0048 due to not properly checking the return value from OpenSSL EVP_VerifyFinal, enabling remote attackers to bypass certificate-chain validation via a malformed SSL/TLS signature for DSA and ECDSA keys. Root cause: failed validation check i...
CVE-2009-0048
OpenEvidence 1.0.6 and earlier does not properly check the return value from the OpenSSL EVPVerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077...