Lucene search
K

4 matches found

CBLMariner
CBLMariner
added 2020/09/09 6:9 a.m.40 views

CVE-2018-21029 affecting package systemd 239-44

CVE-2018-21029 affecting package systemd 239-44. A patched version of the package is available...

9.8CVSS7.5AI score0.03138EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2019/10/30 10:15 p.m.26 views

CVE-2018-21029

systemd 239 through 245 accepts any certificate signed by a trusted certificate authority for DNS Over TLS. Server Name Indication SNI is not sent, and there is no hostname validation with the GnuTLS backend. NOTE: This has been disputed by the developer as not a vulnerability since hostname...

9.8CVSS6.7AI score0.03138EPSS
Exploits1References3
CVE
CVE
added 2019/10/30 9:46 p.m.97 views

CVE-2018-21029

CVE-2018-21029 affects systemd 239–245, where DNS over TLS accepts any CA-signed certificate because hostname validation is not performed with the GnuTLS backend and SNI is not sent. This creates potential exposure of confidentiality/integrity/availability for DNS over TLS connections, with CVSS ...

9.8CVSS9.3AI score0.03138EPSS
Exploits1References9Affected Software1
Symantec
Symantec
added 2019/10/30 12:0 a.m.20 views

systemd CVE-2018-21029 Certificate Validation Security Bypass Vulnerability

Description systemd is prone to a security-bypass vulnerability. An attacker can exploit this issue to perform man-in-the-middle attacks and perform certain unauthorized actions, which will aid in further attacks. systemd versions 239 through 243 are vulnerable. Technologies Affected systemd...

7.5CVSS2.2AI score0.03138EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder