9 matches found
CVE-2020-36658
In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...
Ubuntu: Security Advisory (USN-6596-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : Apache::Session::LDAP vulnerability (USN-6596-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6596-1 advisory. It was discovered that Apache::Session::LDAP incorrectly handled invalid X.509 certificates. If a user or an automated system were tricked...
Debian dla-3284 : libapache-session-ldap-perl - security update
The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3284 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3284-1 [email protected]...
Debian: Security Advisory (DLA-3284-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-36658
In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...
CVE-2020-36658
CVE-2020-36658 affects Apache::Session::LDAP prior to 0.5, where validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends because the Net::LDAPS Perl module default is used. This can enable spoofing or exposure of sensitive information if an attacker tri...
CVE-2020-36658
In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...
CVE-2020-36658
In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...