How to Export and Install an SSL Certificate for StoreFront to Use HTTPS
This article explains how to export your existing SSL certificate, import the certificate to another StoreFront server, bind the certificate to Internet Information Services (IIS), and configure StoreFront for HTTPS connections. This article assumes the following typical scenarios: You have created...
DROWN Flaw Opens 33 Percent Of HTTPS Connections To Attack
Researchers revealed a massive transport layer security (TLS) vulnerability today that leaves millions of Internet users vulnerable to an attack that could expose passwords, credit card numbers and financial data. OpenSSL and others are urging companies to patch their web servers or risk exposure t...
Oracle: Security Advisory (ELSA-2014-0597)
The remote host is missing an update for the...
Fedora 22 : opensaml-java-2.5.3-9.fc22 / opensaml-java-openws-1.5.5-2.fc22 (2015-10235)
OpenSAML Java: HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...
Google Releases Password Alert Extension for Chrome
Google is rolling out a new extension for Chrome that will monitor users’ logins and warn them if they enter a Google password on a non-Google page, a move designed to help protect users against phishing attacks. The new extension, called Password Alert, works for both consumer accounts and Googl...
FREAK Attack: How to Protect Yourself
The recently disclosed FREAK (Factoring attack on RSA Export Keys) attack is an SSL/TLS vulnerability that is affecting major browsers, servers and even mobile devices. The FREAK vulnerability allows the attacker to intercept HTTPS connections between vulnerable clients and servers and force them to us...
Komodia SSL Digestor SDK MitM (Detected via HTTP Request)
Binary data 8930.prm...
Komodia SSL Digestor SDK MitM (Detected via DNS Query)
Binary data 8929.prm...
Komodia Certificate Manipulation Enabled Man-In-The-Middle Attacks
The shoddy state of SSL certificate validation on the Internet again floated to the surface, this time by the Superfish mess, which continues to get worse. The Electronic Frontier Foundation on Wednesday released a report based on data scoured from the Decentralized SSL Observatory which it...
CVE-2015-0631
Cisco IPS CVE-2015-0631 is a race-condition vulnerability in the SSL/TLS subsystem used by the web management interface. During image upgrading, key/certificate regeneration can be disrupted by a rapid sequence of HTTPS connections to the management interface, allowing a remote attacker to cause ...
Apache Subversion 1.0.x - 1.7.17 / 1.8.x < 1.8.10 Multiple Vulnerabilities
The version of Subversion Server installed on the remote host is version 1.x.x prior to 1.7.18 or 1.8.x prior to 1.8.10. It is, therefore, affected by the following vulnerabilities : - A flaw exists in the Serf RA layer. This flaw causes wildcards for HTTPS connections to be improperly evaluated,...
squid security update
7:3.1.10-20.3 - Resolves: 1098134 - CVE-2014-0128 squid: denial of service when using SSL-Bump 7:3.1.10-20.2 - revert: Resolves: 1039088 - issues with timeout on HTTPS connections 7:3.1.10-20.1 - Resolves: 1093072 - issues with timeout on HTTPS connections...
IETF Approves HSTS as Proposed Standard
One of the things that makes attackers dance around their basement lairs is finding unencrypted Web sessions. Sites that don’t give users the option to use HTTPS make life that much easier for attackers trying to hijack users’ Web sessions or eavesdrop on them. The IETF has taken a big step towar...
CVE-2012-3742
Safari in Apple iOS before 6 does not properly restrict use of an unspecified Unicode character that looks similar to the https lock indicator, which allows remote attackers to spoof https connections by placing this character in the TITLE element of a web page...
Code injection
Safari in Apple iOS before 6 does not properly restrict use of an unspecified Unicode character that looks similar to the https lock indicator, which allows remote attackers to spoof https connections by placing this character in the TITLE element of a web page...
Ubuntu Update for ubuntuone-client USN-1465-3
Ubuntu Update for Linux kernel vulnerabilities USN-1465-3 OpenVAS Vulnerability Test $Id: gbubuntuUSN14653.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for ubuntuone-client USN-1465-3 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH,...
Ubuntu 10.04 LTS : ubuntuone-client regression (USN-1465-3)
USN-1465-1 fixed vulnerabilities in Ubuntu One Client. The update failed to install on certain Ubuntu 10.04 LTS systems that had a legacy Python 2.5 package installed. This update fixes the problem. We apologize for the inconvenience. It was discovered that the Ubuntu One Client incorrectly...
Libcloud SSL Certificates Security Bypass Vulnerability
Libcloud is prone to a security bypass vulnerability.
Fedora 12 : squirrelmail-1.4.20-3.fc12 (2010-10244)
Tue Jun 22 2010 Michal Hlavinka - 1.4.20-3 - fix CVE-2010-1637 : mail fetch plugin's port-scans via non-standard POP3 server ports - Mon Jun 7 2010 Michal Hlavinka - 1.4.20-2 - add note to config file that https connections are forced by default - Mon Mar 8 2010 Michal Hlavinka - 1.4.20-1 -...
Fedora 13 : squirrelmail-1.4.20-3.fc13 (2010-10259)
Tue Jun 22 2010 Michal Hlavinka - 1.4.20-3 - fix CVE-2010-1637 : mail fetch plugin's port-scans via non-standard POP3 server ports - Mon Jun 7 2010 Michal Hlavinka - 1.4.20-2 - add note to config file that https connections are forced by default Note that Tenable Network Security has extracted...