12 matches found
openSUSE Security Update : kdelibs4 (openSUSE-SU-2011:0281-1)
KSSL did not properly verify the host name of a certificate if the certificate was issued for an IP address CVE-2011-1094. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update kdelibs4-4225. The te...
Oracle Linux 6 : kdelibs (ELSA-2011-0464)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-0464 advisory. - rebase the fix for CVE-2011-1094 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...
Ubuntu 9.10 / 10.04 LTS / 10.10 : kde4libs vulnerabilities (USN-1110-1)
It was discovered that KDE KSSL did not properly verify X.509 certificates when the certificate was issued for an IP address. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. CVE-2011-1094 Tim Brown discovered th...
Ubuntu Update for kde4libs USN-1110-1
Ubuntu Update for Linux kernel vulnerabilities USN-1110-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11101.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for kde4libs USN-1110-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net Thi...
openSUSE Security Update : kdelibs4 (openSUSE-SU-2011:0280-1)
KSSL did not properly verify the host name of a certificate if the certificate was issued for an IP address CVE-2011-1094. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update kdelibs4-4216. The te...
RHEL 6 : kdelibs (RHSA-2011:0464)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0464 advisory. The kdelibs packages provide libraries for the K Desktop Environment KDE. A cross-site scripting XSS flaw was found in the way KHTML, the HT...
kdelibs security update
6:4.3.4-11.2 - rebase the fix for CVE-2011-1094 6:4.3.4-11.1 - fixes CVE-2011-1094, CVE-2011-1168...
[USN-1110-1] KDE-Libs vulnerabilities
========================================================================== Ubuntu Security Notice USN-1110-1 April 14, 2011 kde4libs vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
SuSE 11.1 Security Update : kdelibs4 (SAT Patch Number 4217)
KSSL did not properly verify the host name of a certificate if the certificate was issued for an IP address CVE-2011-1094. This has been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update informatio...
CVE-2011-1094
kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a certificate issued by a legitimate...
CVE-2011-1094
kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a certificate issued by a legitimate...
CVE-2011-1094
CVE-2011-1094 affects KDE KDE-kdelibs KSSL prior to version 4.6.1, where hostname verification is not properly performed against the certificate’s subject/subjectAltName. This enables MITM spoofing of SSL servers with certificates issued by legitimate CAs for IP addresses. OpenVAS/OSS advisories ...