478 matches found
CentOS Update for nspr CESA-2013:0214 centos5
Check for the Version of nspr OpenVAS Vulnerability Test CentOS Update for nspr CESA-2013:0214 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Scientific Linux Security Update : nss and nspr on SL5.x i386/x86_64 (20130131)
It was found that a Certificate Authority CA mis-issued two intermediate certificates to customers. These certificates could be used to launch man-in- the-middle attacks. This update renders those certificates as untrusted. This covers all uses of the certificates, including SSL, S/MIME, and code...
CentOS Update for nspr CESA-2013:0213 centos6
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS 6 : nspr (CESA-2013:0213)
Updated nss, nss-util, and nspr packages that fix one security issue, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Network Security Services NSS is a set of...
nspr, nss security update
CentOS Errata and Security Advisory CESA-2013:0214 Merged security bulletin from advisories: https://lists.centos.org/pipermail/centos-announce/2013-January/081380.html Affected packages: nspr nspr-devel nss nss-devel nss-pkcs11-devel nss-tools Upstream details at:...
nss: Dis-trust TURKTRUST mis-issued *.google.com certificate
REJECTED CVE TURKTRUST, a certificate authority in Mozilla’s root program, had mis-issued two intermediate certificates to customers. One of the certificates was used for man-in-the-middle MITM traffic management of domain names that the customer did not legitimately own or control. An intermedia...
Mozilla Thunderbird < 17.0.2 Multiple Vulnerabilities
Binary data 6669.prm...
SeaMonkey 2.14.x < 2.15 Multiple Vulnerabilities
Binary data 6670.prm...
Mis-issued TURKTRUST certificates — Mozilla
Google reported to Mozilla that TURKTRUST, a certificate authority in Mozilla’s root program, had mis-issued two intermediate certificates to customers. The issue was not specific to Firefox but there was evidence that one of the certificates was used for man-in-the-middle MITM traffic management...
Debian DSA-2599-1 : nss - mis-issued intermediates
Google, Inc. discovered that the TurkTrust certification authority included in the Network Security Service libraries nss mis-issued two intermediate CAs which could be used to generate rogue end-entity certificates. This update explicitly distrusts those two intermediate CAs. The two existing...
SSL Certificate Chain Contains Illegitimate TURKTRUST Intermediate CA
The X.509 certificate chain sent by the remote host either contains or is signed by an intermediate Certificate Authority CA that was accidentally issued by TURKTRUST. Certificate chains descending from this intermediate CA could allow an attacker to perform man-in-the-middle attacks and decode...
MS KB2718704: Unauthorized Digital Certificates Could Allow Spoofing (deprecated)
The remote host is missing KB2718704, which updates the system's SSL certificate blacklist. Certificates issued by the Microsoft Terminal Services licensing certification authority can be used to sign code as Microsoft. An attacker could exploit this to spoof content or perform man-in-the-middle...
HP-UX PHSS_41606 : s700_800 11.X OV NNM7.53 PA-RISC Intermediate Patch 28
s700800 11.X OV NNM7.53 PA-RISC Intermediate Patch 28 : The remote HP-UX host is affected by multiple vulnerabilities : - A potential vulnerability has been identified with HP OpenView Network Node Manager OV NNM running on Windows. The vulnerability could be exploited remotely to execute arbitra...
Debian: Security Advisory (DSA-2343-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MySQL < 5.5.6 Multiple Denial of Service
The version of MySQL installed on the remote host is older than 5.5.6. As such, it reportedly is prone to multiple denial of service attacks : - The improper handling of type errors during argument evaluation in extreme-value functions, e.g., 'LEAST' or 'GREATEST' causes server crashes...
Fedora 14 : nss-3.12.10-7.fc14 (2011-15586)
This security update revokes trust in DigiCert Sdn. Bhd Intermediate Certificate Authority from NSS - rhbz751674 It was found that the Malaysia-based Digicert Sdn. Bhd. subordinate Certificate Authority CA issued HTTPS certificates with weak keys. This update renders any HTTPS certificates signed...
[SECURITY] [DSA 2343-1] openssl security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2343-1 [email protected] http://www.debian.org/security/ Raphael Geissert November 09, 2011 http://www.debian.org/security/faq -...
"Digicert Sdn. Bhd." weak certificates
Few weak certificates were issued by intermediate CA...
[SECURITY] [DSA 2343-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2343-1 [email protected] http://www.debian.org/security/ Raphael Geissert November 09, 2011 http://www.debian.org/security/faq -...
DSA-2343-1 openssl - CA trust revocation
Bulletin has no description...