106 matches found
EUVD-2010-4306
Malware in sbrugna...
EUVD-2009-3008
Malware in sbrugna...
perl-IO-Socket-SSL and perl-Net-SSLeay bug fix and enhancement update
An update is available for perl-IO-Socket-SSL, perl-Net-SSLeay. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this...
RHEL 6 : perl-io-socket-ssl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - perl-IO-Socket-SSL: ignores user request for peer verification CVE-2010-4334 Note that Nessus has not tested for th...
K34144932: libwww-perl vulnerability CVE-2014-3230
Security Advisory Description When libwww-perl LWP uses IO::Socket::SSL and when the HTTPSCADIR or HTTPSCAFILE environment variables are set, server certificate verification is disabled. CVE-2014-3230 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...
SUSE CVE-2010-4334
The IO::Socket::SSL module 1.35 for Perl, when verifymode is not VERIFYNONE, fails open to VERIFYNONE instead of throwing an error when a cafile/capath cannot be verified, which allows remote attackers to bypass intended certificate restrictions...
new packages: perl-IO-Socket-SSL
An update is available for perl-IO-Socket-SSL. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
perl-IO-Socket-SSL:2.066 and perl-libwww-perl:6.34 update
An update is available for perl-IO-HTML, perl-LWP-MediaTypes, perl-Data-Dump, perl-Net-HTTP, perl-HTTP-Message, perl-Try-Tiny, perl-Digest-HMAC, perl-HTML-Parser, perl-NTLM, perl-Mozilla-CA, perl-IO-Socket-SSL, perl-libwww-perl, perl-Encode-Locale, perl-HTTP-Negotiate, perl-File-Listing,...
perl-IO-Socket-SSL:2.066 and perl-libwww-perl:6.34 update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
perl-IO-Socket-SSL bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
perl-IO-Socket-SSL bug fix and enhancement update
An update is available for perl-IO-Socket-SSL. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
DEBIAN-CVE-2014-3230
The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server certificate validation via the 1 HTTPSCADIR or 2 HTTPSCAFILE environment variable...
CVE-2014-3230
The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server certificate validation via the 1 HTTPSCADIR or 2 HTTPSCAFILE environment variable...
CVE-2014-3230
CVE-2014-3230 affects the libwww-perl LWP::Protocol::https module (versions 6.04–6.06) when using IO::Socket::SSL as the SSL socket class. The underlying issue is that server certificate validation can be disabled via the HTTPS_CA_DIR or HTTPS_CA_FILE environment variables. Impact described in th...
CVE-2014-3230
The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server certificate validation via the 1 HTTPSCADIR or 2 HTTPSCAFILE environment variable...
CVE-2014-3230
The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server certificate validation via the 1 HTTPSCADIR or 2 HTTPSCAFILE environment variable...
Perl Modules Detection (Linux/Unix SSH Login)
SSH login-based detection of various installed Perl modules. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...
HP Smart Storage Administrator command injection
Added: 02/16/2017 CVE: CVE-2016-8523 BID: 95868 Background HP Smart Storage Administrator HP SSA is a web-based application that helps an administrator configure, manage, diagnose, and monitor HP ProLiant Smart Array Controllers and other storage devices such as host bus adapters HBAs and HP...
FileBuster - An Extremely Fast And Flexible Web Fuzzer
An extremely fast and flexible web fuzzer. Why another fuzzer? My main motivation was to write a script that would allow me to fuzz a website based on a dictionary but that allowed me to filter words on that dictionary based on regex patterns. This necessity came from the frustration of trying to...
TWiki View Script debugenableplugins Request Parameter Vulnerability
Added: 03/30/2015 CVE: CVE-2014-7236 BID: 70372 OSVDB: 112977 Background TWiki is a web-based collaboration platform written in PERL. Problem The TWiki view script does not properly sanitize the debugenableplugins parameter before using it. Resolution Upgrade to TWiki-6.0.1 or higher, or apply th...