Lucene search
K

15 matches found

OpenVAS
OpenVAS
added 2021/08/13 12:0 a.m.22 views

OpenSSL: Incorrect Error Checking During CMS Verification (20090325) - Windows

OpenSSL is prone to incorrect error checking during CMS verification. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

2.6CVSS6.5AI score0.02735EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2014/06/23 12:0 a.m.42 views

SOL15369 - OpenSSL vulnerability CVE-2009-0591

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

2.6CVSS2.7AI score0.02735EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2012/01/04 12:0 a.m.44 views

OpenSSL < 0.9.8k Signature Repudiation

According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.8k. As such, it may allow a valid sign to generate invalid signatures which would appear valid and could be repudiated later. This only affects CMS users. CMS appeared in OpenSSL 0.9.8h. C Tenable...

2.6CVSS8.3AI score0.02735EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2009/09/11 12:0 a.m.68 views

Mac OS X Multiple Vulnerabilities (Security Update 2009-005)

The remote host is running a version of Mac OS X 10.5 or 10.4 that does not have Security Update 2009-005 applied. This security update contains fixes for the following products : - Alias Manager - CarbonCore - ClamAV - ColorSync - CoreGraphics - CUPS - Flash Player plug-in - ImageIO - Launch...

10CVSS7.5AI score0.25006EPSS
Exploits23References36
Tenable Nessus
Tenable Nessus
added 2009/07/21 12:0 a.m.27 views

openSUSE Security Update : libopenssl-devel (libopenssl-devel-786)

This update of openssl fixes the following problems : - CVE-2009-0590: ASN1STRINGprintex function allows remote denial of service - CVE-2009-0591: CMSverify function allows signatures to look valid - CVE-2009-0789: denial of service due to malformed ASN.1 structures %NASLMINLEVEL 70300 C Tenable...

5CVSS8AI score0.06194EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2009/07/17 12:0 a.m.32 views

HP-UX Update for OpenSSL HPSBUX02435

Check for the Version of OpenSSL OpenVAS Vulnerability Test HP-UX Update for OpenSSL HPSBUX02435 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

5CVSS7.1AI score0.06194EPSS
Exploits0References2
Slackware Linux
Slackware Linux
added 2009/04/07 11:29 p.m.45 views

openssl

New openssl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, and -current to fix security issues. More details about the issues may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2009-0789 https://vulners.com/cve/CVE-2009-0591...

5CVSS7.7AI score0.06194EPSS
Exploits0
OpenVAS
OpenVAS
added 2009/04/02 12:0 a.m.26 views

OpenSSL Multiple Vulnerabilities (Windows)

This host is installed with OpenSSL and is prone to Multiple Vulnerabilities. OpenVAS Vulnerability Test $Id: gbopensslmultvulnwin.nasl 8193 2017-12-20 10:46:55Z cfischer $ OpenSSL Multiple Vulnerabilities Windows Authors: Sujit Ghosal Copyright: Copyright c 2009 Greenbone Networks GmbH,...

5CVSS0.1AI score0.06194EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2009/04/02 12:0 a.m.31 views

OpenSSL Multiple Vulnerabilities (Mar 2009) - Windows

OpenSSL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl"; ifdescription...

5CVSS9.5AI score0.06194EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2009/03/27 4:30 p.m.32 views

CVE-2009-0591

The CMSverify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly handle errors associated with malformed signed attributes, which allows remote attackers to repudiate a signature that originally appeared to be valid but was actually invalid...

2.6CVSS7.2AI score0.02735EPSS
Exploits0References2
CVE
CVE
added 2009/03/27 4:0 p.m.73 views

CVE-2009-0591

The CVE-2009-0591 entry concerns OpenSSL CMS_verify behavior. Affected software: OpenSSL 0.9.8h–0.9.8j when CMS is enabled. Root cause: CMS verification path does not correctly handle errors related to malformed signed attributes. Impact: remote attackers can repudiate a signature that appeared v...

2.6CVSS6.3AI score0.02735EPSS
Exploits0References28Affected Software1
ALT Linux
ALT Linux
added 2009/03/25 12:0 a.m.76 views

Security fix for the ALT Linux 6 package openssl10 version 0.9.8k-alt1

March 25, 2009 Evgeny Sinelnikov 0.9.8k-alt1 - Updated to new 0.9.8k includes security fixes and improvements - Includes CVE-2009-0789, CVE-2009-0591, CVE-2009-0590...

5CVSS6.9AI score0.06194EPSS
Exploits0
ALT Linux
ALT Linux
added 2009/03/25 12:0 a.m.30 views

Security fix for the ALT Linux 9 package openssl1.1 version 0.9.8k-alt1

March 25, 2009 Evgeny Sinelnikov 0.9.8k-alt1 - Updated to new 0.9.8k includes security fixes and improvements - Includes CVE-2009-0789, CVE-2009-0591, CVE-2009-0590...

5CVSS7AI score0.06194EPSS
Exploits0
ALT Linux
ALT Linux
added 2009/03/25 12:0 a.m.29 views

Security fix for the ALT Linux 8 package openssl10 version 0.9.8k-alt1

March 25, 2009 Evgeny Sinelnikov 0.9.8k-alt1 - Updated to new 0.9.8k includes security fixes and improvements - Includes CVE-2009-0789, CVE-2009-0591, CVE-2009-0590...

5CVSS6.8AI score0.06194EPSS
Exploits0
OpenSSL
OpenSSL
added 2009/03/25 12:0 a.m.28 views

Vulnerability in OpenSSL CVE-2009-0591

The function CMSverify does not correctly handle an error condition involving malformed signed attributes. This will cause an invalid set of signed attributes to appear valid and content digests will not be checked. Found by Ivan Nestlerode, IBM...

8AI score0.02735EPSS
Exploits0Affected Software1
Rows per page
Query Builder