Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2018/03/12 12:0 a.m.28 views

Solaris 10 (x86) : 139501-02

SunOS 5.10x86: openssl patch. Date this patch was last updated by Sun : Feb/24/09 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

7.5CVSS7.9AI score0.05146EPSS
Exploits6References12
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.36 views

Solaris 10 (x86) : 139501-02

SunOS 5.10x86: openssl patch. Date this patch was last updated by Sun : Feb/24/09 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24. C Tenable Network Security, Inc. if ! definedfunc"bnrando...

7.5CVSS7.9AI score0.05146EPSS
Exploits6References12
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.26 views

Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : ntp vulnerability (USN-705-1)

It was discovered that NTP did not properly perform signature verification. A remote attacker could exploit this to bypass certificate validation via a malformed SSL/TLS signature. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security...

7.5CVSS7.4AI score0.05146EPSS
Exploits6References12
Tenable Nessus
Tenable Nessus
added 2009/01/16 12:0 a.m.22 views

Fedora 9 : tqsllib-2.0-5.fc9 (2009-0543)

The TrustedQSL library incorrectly checked the result after calling the EVPVerifyFinal function, allowing a malformed signature to be treated as a good signature rather than as an error. Package includes a patch to fix EVPVerifyFinal result check. Note that Tenable Network Security has extracted...

5CVSS5.3AI score0.01324EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2009/01/15 5:30 p.m.30 views

CVE-2009-0124

The tqslverifyDataBlock function in opensslcert.cpp in American Radio Relay League ARRL tqsllib 2.0 does not properly check the return value from the OpenSSL EVPVerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a...

5CVSS5.9AI score0.01324EPSS
Exploits1References3
Cvelist
Cvelist
added 2009/01/15 5:0 p.m.29 views

CVE-2009-0124

The tqslverifyDataBlock function in opensslcert.cpp in American Radio Relay League ARRL tqsllib 2.0 does not properly check the return value from the OpenSSL EVPVerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a...

7.1AI score0.01324EPSS
Exploits1References5
CVE
CVE
added 2009/01/15 5:0 p.m.53 views

CVE-2009-0124

Technical details (affected software/versions/root cause/remediation) are not publicly provided in the connected documents. The initial CVE description mentions OpenSSL EVP_VerifyFinal but does not enumerate affected products or fixes within this document set.

5CVSS7.5AI score0.01324EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder