Lucene search
K

9 matches found

securityvulns
securityvulns
added 2009/01/14 12:0 a.m.79 views

[SECURITY] [DSA 1700-1] New lasso packages fix validation bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1700-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 11, 2009 http://www.debian.org/security/faq -...

4.3CVSS0.2AI score0.01336EPSS
Exploits0
OpenVAS
OpenVAS
added 2009/01/13 12:0 a.m.22 views

Debian Security Advisory DSA 1700-1 (lasso)

The remote host is missing an update to lasso announced via advisory DSA 1700-1. OpenVAS Vulnerability Test $Id: deb17001.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1700-1 lasso Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

4.3CVSS6.5AI score0.01336EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/01/12 12:0 a.m.20 views

Debian DSA-1700-1 : lasso - incorrect API usage

It was discovered that Lasso, a library for Liberty Alliance and SAML protocols performs incorrect validation of the return value of OpenSSL's DSAverify function. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

4.3CVSS5.3AI score0.01336EPSS
Exploits0References3
Debian
Debian
added 2009/01/11 9:48 p.m.31 views

[SECURITY] [DSA 1700-1] New lasso packages fix validation bypass

------------------------------------------------------------------------ Debian Security Advisory DSA-1700-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 11, 2009 http://www.debian.org/security/faq -...

4.3CVSS6.1AI score0.01336EPSS
Exploits0
NVD
NVD
added 2009/01/07 6:30 p.m.22 views

CVE-2009-0050

Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSAverify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077...

4.3CVSS7.5AI score0.01336EPSS
Exploits0References3
OSV
OSV
added 2009/01/07 6:30 p.m.8 views

CVE-2009-0050

Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSAverify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077...

7.5AI score
Exploits0References3
CVE
CVE
added 2009/01/07 6:0 p.m.82 views

CVE-2009-0050

Technical details for CVE-2009-0050 are not publicly available in the provided documents. Monitor for updates.

4.3CVSS7.1AI score0.01336EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2009/01/07 6:0 p.m.32 views

CVE-2009-0050

Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSAverify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077...

4.3CVSS7AI score0.01336EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.54 views

Solaris 9 (x86) : 114265-23

SunOS 5.9x86: in.dhcpd libresolv and BIND. Date this patch was last updated by Sun : Jul/21/11 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

6.8CVSS6.5AI score0.95182EPSS
Exploits21References8
Rows per page
Query Builder