9 matches found
[SECURITY] [DSA 1700-1] New lasso packages fix validation bypass
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1700-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 11, 2009 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 1700-1 (lasso)
The remote host is missing an update to lasso announced via advisory DSA 1700-1. OpenVAS Vulnerability Test $Id: deb17001.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1700-1 lasso Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Debian DSA-1700-1 : lasso - incorrect API usage
It was discovered that Lasso, a library for Liberty Alliance and SAML protocols performs incorrect validation of the return value of OpenSSL's DSAverify function. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...
[SECURITY] [DSA 1700-1] New lasso packages fix validation bypass
------------------------------------------------------------------------ Debian Security Advisory DSA-1700-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 11, 2009 http://www.debian.org/security/faq -...
CVE-2009-0050
Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSAverify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077...
CVE-2009-0050
Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSAverify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077...
CVE-2009-0050
Technical details for CVE-2009-0050 are not publicly available in the provided documents. Monitor for updates.
CVE-2009-0050
Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSAverify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077...
Solaris 9 (x86) : 114265-23
SunOS 5.9x86: in.dhcpd libresolv and BIND. Date this patch was last updated by Sun : Jul/21/11 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...