Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2018/03/12 12:0 a.m.28 views

Solaris 10 (x86) : 139501-02

SunOS 5.10x86: openssl patch. Date this patch was last updated by Sun : Feb/24/09 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

7.5CVSS7.9AI score0.05146EPSS
Exploits6References12
Tenable Nessus
Tenable Nessus
added 2011/01/27 12:0 a.m.24 views

SuSE 10 Security Update : eID-belgium (ZYPP Patch Number 6006)

eID-belgium uses EVPVerifyFinal incorrectly CVE-2009-0049 which allowed bypassing the validation of the certificate chain. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if descripti...

5CVSS5.3AI score0.01185EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2010/02/24 12:0 a.m.32 views

Debian DSA-1946-1 : belpic - cryptographic weakness

It was discovered that belpic, the belgian eID PKCS11 library, does not properly check the result of an OpenSSL function for verifying cryptographic signatures, which could be used to bypass the certificate validation. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

5CVSS5.4AI score0.01185EPSS
Exploits0References3
Debian
Debian
added 2009/12/04 9:2 p.m.33 views

[SECURITY] [DSA 1946-1] New belpic packages fix cryptographic weakness

------------------------------------------------------------------------ Debian Security Advisory DSA-1946-1 [email protected] http://www.debian.org/security/ Steffen Joeris December 04, 2009 http://www.debian.org/security/faq -...

5CVSS6.1AI score0.01185EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/07/21 12:0 a.m.26 views

openSUSE Security Update : eID-belgium (eID-belgium-541)

eID-belgium uses EVPVerifyFinal incorrectly CVE-2009-0049 which allowed bypassing the validation of the certificate chain. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update eID-belgium-541. The...

5CVSS5.3AI score0.01185EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2009/07/21 12:0 a.m.34 views

openSUSE Security Update : eID-belgium (eID-belgium-541)

eID-belgium uses EVPVerifyFinal incorrectly CVE-2009-0049 which allowed bypassing the validation of the certificate chain. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update eID-belgium-541. The...

5CVSS5.3AI score0.01185EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.36 views

Solaris 10 (x86) : 139501-02

SunOS 5.10x86: openssl patch. Date this patch was last updated by Sun : Feb/24/09 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24. C Tenable Network Security, Inc. if ! definedfunc"bnrando...

7.5CVSS7.9AI score0.05146EPSS
Exploits6References12
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.26 views

Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : ntp vulnerability (USN-705-1)

It was discovered that NTP did not properly perform signature verification. A remote attacker could exploit this to bypass certificate validation via a malformed SSL/TLS signature. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security...

7.5CVSS7.4AI score0.05146EPSS
Exploits6References12
OpenVAS
OpenVAS
added 2009/03/02 12:0 a.m.24 views

SuSE Security Summary SUSE-SR:2009:005

The remote host is missing updates announced in advisory SUSE-SR:2009:005. SuSE Security Summaries are short on detail when it comes to the names of packages affected by a particular bug. Because of this, while this test will detect out of date packages, it cannot tell you what bugs impact which...

10CVSS1.4AI score0.71986EPSS
Exploits16
UbuntuCve
UbuntuCve
added 2009/01/07 6:30 p.m.22 views

CVE-2009-0049

Belgian eID middleware eidlib 2.6.0 and earlier does not properly check the return value from the OpenSSL EVPVerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to...

5CVSS5.9AI score0.01185EPSS
Exploits0References2
Cvelist
Cvelist
added 2009/01/07 6:0 p.m.28 views

CVE-2009-0049

Belgian eID middleware eidlib 2.6.0 and earlier does not properly check the return value from the OpenSSL EVPVerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to...

7.2AI score0.01185EPSS
Exploits0References4
Rows per page
Query Builder