Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2018/03/12 12:0 a.m.28 views

Solaris 10 (x86) : 139501-02

SunOS 5.10x86: openssl patch. Date this patch was last updated by Sun : Feb/24/09 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

7.5CVSS7.9AI score0.05146EPSS
Exploits6References12
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.36 views

Solaris 10 (x86) : 139501-02

SunOS 5.10x86: openssl patch. Date this patch was last updated by Sun : Feb/24/09 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24. C Tenable Network Security, Inc. if ! definedfunc"bnrando...

7.5CVSS7.9AI score0.05146EPSS
Exploits6References12
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.26 views

Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : ntp vulnerability (USN-705-1)

It was discovered that NTP did not properly perform signature verification. A remote attacker could exploit this to bypass certificate validation via a malformed SSL/TLS signature. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security...

7.5CVSS7.4AI score0.05146EPSS
Exploits6References12
CVE
CVE
added 2009/01/07 6:0 p.m.58 views

CVE-2009-0048

OpenEvidence 1.0.6 and earlier are affected by CVE-2009-0048 due to not properly checking the return value from OpenSSL EVP_VerifyFinal, enabling remote attackers to bypass certificate-chain validation via a malformed SSL/TLS signature for DSA and ECDSA keys. Root cause: failed validation check i...

5CVSS7.5AI score0.01181EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2009/01/07 6:0 p.m.27 views

CVE-2009-0048

OpenEvidence 1.0.6 and earlier does not properly check the return value from the OpenSSL EVPVerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077...

7.2AI score0.01181EPSS
Exploits0References3
Rows per page
Query Builder