Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2010/12/02 12:0 a.m.24 views

SuSE 11 Security Update : libesmtp (SAT Patch Number 2390)

libesmtp did not properly handle wildcards and embedded null characters in the Common Name of X.509 certificates CVE-2010-1192 / CVE-2010-1194. This has been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE...

6.8CVSS5.1AI score0.01176EPSS
Exploits0References5
securityvulns
securityvulns
added 2010/10/08 12:0 a.m.70 views

[ MDVSA-2010:195 ] libesmtp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:195 http://www.mandriva.com/security/ Package : libesmtp Date : October 4, 2010 Affected: 2008.0, 2009.0, 2009.1, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Problem Description: Multiple...

6.8CVSS7AI score0.05741EPSS
Exploits4
ALT Linux
ALT Linux
added 2010/10/05 12:0 a.m.33 views

Security fix for the ALT Linux 5 package libesmtp version 1.0.4-alt2.1.0.M50P.1

Oct. 5, 2010 Vladimir Lettiev 1.0.4-alt2.1.0.M50P.1 - Fixed CVE-2010-1192, CVE-2010-1194 certificate validation flaws. Fix backported from 1.0.6...

6.8CVSS6.2AI score0.01176EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/05/07 12:0 a.m.22 views

openSUSE Security Update : libesmtp (openSUSE-SU-2010:0220-1)

libesmtp did not properly handle wildcards and embedded null characters in the Common Name of X.509 certificates CVE-2010-1192, CVE-2010-1194. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

6.8CVSS5.2AI score0.01176EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2010/05/07 12:0 a.m.26 views

openSUSE Security Update : libesmtp (openSUSE-SU-2010:0220-1)

libesmtp did not properly handle wildcards and embedded null characters in the Common Name of X.509 certificates CVE-2010-1192, CVE-2010-1194. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

6.8CVSS5.2AI score0.01176EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2010/05/07 12:0 a.m.25 views

openSUSE Security Update : libesmtp (openSUSE-SU-2010:0220-1)

libesmtp did not properly handle wildcards and embedded null characters in the Common Name of X.509 certificates CVE-2010-1192, CVE-2010-1194. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

6.8CVSS5.2AI score0.01176EPSS
Exploits0References4
NVD
NVD
added 2010/03/31 6:0 p.m.13 views

CVE-2010-1194

The matchcomponent function in smtp-tls.c in libESMTP 1.0.3.r1, and possibly other versions including 1.0.4, treats two strings as equal if one is a substring of the other, which allows remote attackers to spoof trusted certificates via a crafted subjectAltName...

6.8CVSS5.6AI score0.01176EPSS
Exploits0References5
OSV
OSV
added 2010/03/31 6:0 p.m.7 views

CVE-2010-1194

The matchcomponent function in smtp-tls.c in libESMTP 1.0.3.r1, and possibly other versions including 1.0.4, treats two strings as equal if one is a substring of the other, which allows remote attackers to spoof trusted certificates via a crafted subjectAltName...

6.7AI score
Exploits0References5
CVE
CVE
added 2010/03/31 5:35 p.m.45 views

CVE-2010-1194

The connected sources confirm CVE-2010-1194 affects libESMTP (notably 1.0.3.r1 and 1.0.4) where match_component in smtp-tls.c treats strings as equal if one is a substring of the other, enabling remote certificate spoofing via crafted subjectAltName. Public advisories (Mandriva) indicate patches ...

6.8CVSS6.4AI score0.01176EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2010/03/31 5:35 p.m.33 views

CVE-2010-1194

The matchcomponent function in smtp-tls.c in libESMTP 1.0.3.r1, and possibly other versions including 1.0.4, treats two strings as equal if one is a substring of the other, which allows remote attackers to spoof trusted certificates via a crafted subjectAltName...

6.8CVSS6.4AI score0.01176EPSS
Exploits0
Rows per page
Query Builder