SuSE9 Security Update : GnuTLS (YOU Patch Number 12705)

The SSL-renegotiation 'authentication gap' has been fixed in GnuTLS. CVE-2009-3555 Also a integer size issue was fixed which lead to incorrectly accepted certificates. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

CVE-2011-1428

Wee Enhanced Environment for Chat aka WeeChat 0.3.4 and earlier does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL chat server via an arbitrary certificate, related to incorrect...

DEBIAN-CVE-2011-1428

Wee Enhanced Environment for Chat aka WeeChat 0.3.4 and earlier does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL chat server via an arbitrary certificate, related to incorrect...

CVE-2011-1428

Wee Enhanced Environment for Chat aka WeeChat 0.3.4 and earlier does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL chat server via an arbitrary certificate, related to incorrect...

Code injection

Wee Enhanced Environment for Chat aka WeeChat 0.3.4 and earlier does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL chat server via an arbitrary certificate, related to incorrect...

CVE-2011-1428

Wee Enhanced Environment for Chat aka WeeChat 0.3.4 and earlier does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL chat server via an arbitrary certificate, related to incorrect...

UBUNTU-CVE-2011-1428

Wee Enhanced Environment for Chat aka WeeChat 0.3.4 and earlier does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL chat server via an arbitrary certificate, related to incorrect...

CVE-2011-1428

Wee Enhanced Environment for Chat aka WeeChat 0.3.4 and earlier does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL chat server via an arbitrary certificate, related to incorrect...

CVE-2011-1428

WeeChat (Wee Enhanced Environment for Chat) versions up to 0.3.4 are affected by CVE-2011-1428, where the client does not properly validate that the server hostname matches the subject of an X.509 certificate, enabling MITM with an arbitrary certificate due to incorrect GnuTLS API usage. Exploita...

CVE-2011-1428

Wee Enhanced Environment for Chat aka WeeChat 0.3.4 and earlier does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL chat server via an arbitrary certificate, related to incorrect...

CVE-2011-1429

Mutt does not verify that the smtps server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL SMTP server via an arbitrary certificate, a different vulnerability than CVE-2009-3766...

weechat does not properly use gnutls and allow an attacker to bypass certificate verification

About WeeChat: "WeeChat is a fast, light and extensible chat client. It runs on many platforms including Linux, BSD and Mac OS. Development is very active, and bug fixes are very fast!" The vuln: Weechat does not use the GnuTLS API properly to check certificates, potentially exposing users to...

SuSE 10 Security Update : GnuTLS (ZYPP Patch Number 7299)

The SSL-renegotiation 'authentication gap' has been fixed in GnuTLS. CVE-2009-3555 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid51748; scriptversion"1.11";...

SuSE 11 / 11.1 Security Update : GnuTLS (SAT Patch Numbers 3650 / 3651)

The SSL-renegotiation 'authentication gap' has been fixed in GnuTLS. CVE-2009-3555 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is...

VMSA-2010-0015 : VMware ESX third-party updates for Service Console

a. Service Console update for NSSdb The service console package NSSdb is updated to version nssdb-2.2-35.4.el55. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the name CVE-2010-0826 to this issue. b. Service Console update for OpenLDAP The service console package...

Fedora 12 : gnutls-2.8.6-2.fc12 (2010-9487)

Add implementation of the safe renegotiation extension to fix the CVE-2009-3555 security vulnerability. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much a...

Fedora 13 : gnutls-2.8.6-2.fc13 (2010-9518)

Add implementation of the safe renegotiation extension to fix the CVE-2009-3555 security vulnerability. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much a...

Fedora Update for gnutls FEDORA-2010-9487

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for gnutls FEDORA-2010-9487

Check for the Version of gnutls OpenVAS Vulnerability Test Fedora Update for gnutls FEDORA-2010-9487 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

[SECURITY] Fedora 12 Update: gnutls-2.8.6-2.fc12

GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library implem ents the proposed standards by the IETF's TLS working group...