30 matches found
EUVD-2012-0687
Malware in sbrugna...
EUVD-2001-1117
Malware in sbrugna...
EUVD-2012-0686
Malware in sbrugna...
Mac OS X Multiple Vulnerabilities (2012-002)
This host is missing an important security update according to Mac OS X 10.6.8 Update/Mac OS X Security Update 2012-002. OpenVAS Vulnerability Test $Id: gbmacosxsu12-002.nasl 6521 2017-07-04 14:51:10Z cfischer $ Mac OS X Multiple Vulnerabilities 2012-002 Authors: Madhuri D Copyright: Copyright c...
CVE-2012-0654
libsecurity in Apple Mac OS X before 10.7.4 accesses uninitialized memory locations during the processing of X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted certificate...
CVE-2012-0655
libsecurity in Apple Mac OS X before 10.7.4 does not properly restrict the length of RSA keys within X.509 certificates, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by conducting a spoofing or network-sniffing attack during communication with a site th...
Design/Logic Flaw
libsecurity in Apple Mac OS X before 10.7.4 does not properly restrict the length of RSA keys within X.509 certificates, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by conducting a spoofing or network-sniffing attack during communication with a site th...
CVE-2012-0655
CVE-2012-0655 : Affects Apple Mac OS X before 10.7.4, where the libsecurity component does not properly constrain RSA key lengths in X.509 certificates. This allows remote attackers to defeat cryptographic protection by conducting a spoofing or network-sniffing attack when communicating with a si...
CVE-2012-0655
libsecurity in Apple Mac OS X before 10.7.4 does not properly restrict the length of RSA keys within X.509 certificates, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by conducting a spoofing or network-sniffing attack during communication with a site th...
Mac OS X 10.7.x < 10.7.4 Multiple Vulnerabilities (BEAST)
The remote host is running a version of Mac OS X 10.7.x that is prior to 10.7.4. The newer version contains numerous security-related fixes for the following components : - Login Window - Bluetooth - curl - HFS - Kernel - libarchive - libsecurity - libxml - LoginUIFramework - PHP - Quartz Compose...
Mac OS X Multiple Vulnerabilities (Security Update 2012-002) (BEAST)
The remote host is running a version of Mac OS X 10.6 that does not have Security Update 2012-002 applied. This update contains multiple security-related fixes for the following components : - curl - Directory Service - ImageIO - libarchive - libsecurity - libxml - Quartz Composer - QuickTime -...
Mac OS X Multiple Vulnerabilities (Security Update 2012-001) (BEAST)
The remote host is running a version of Mac OS X 10.6 that does not have Security Update 2012-001 applied. This update contains multiple security-related fixes for the following components : - Apache - ATS - ColorSync - CoreAudio - CoreMedia - CoreText - curl - Data Security - dovecot - filecmds ...
Mac OS X 10.7.x < 10.7.3 Multiple Vulnerabilities (BEAST)
The remote host is running a version of Mac OS X 10.7.x that is prior to 10.7.3. The newer version contains multiple security-related fixes for the following components : - Address Book - Apache - ATS - CFNetwork - CoreMedia - CoreText - CoreUI - curl - Data Security - dovecot - filecmds - ImageI...
Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)
This host is missing an important security update according to Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-006. OpenVAS Vulnerability Test $Id: gbmacosxsu11-006.nasl 7029 2017-08-31 11:51:40Z teissa $ Mac OS X v10.6.8 Multiple Vulnerabilities 2011-006 Authors: Rachana Shetty Copyright:...
CVE-2011-3227
libsecurity in Apple Mac OS X before 10.7.2 does not properly handle errors during processing of a nonstandard extension in a Certificate Revocation list CRL, which allows remote attackers to execute arbitrary code or cause a denial of service application crash a crafted 1 web site or 2 e-mail...
CVE-2011-3227
CVE-2011-3227 affects macOS X before 10.7.2, specifically the libsecurity component. The issue arises from improper error handling when processing a nonstandard CRL extension, which can allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted...
CVE-2011-3227
libsecurity in Apple Mac OS X before 10.7.2 does not properly handle errors during processing of a nonstandard extension in a Certificate Revocation list CRL, which allows remote attackers to execute arbitrary code or cause a denial of service application crash a crafted 1 web site or 2 e-mail...
CVE-2010-1802
libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perform comparisons to domain-name strings in X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a certificate associated with a similar domain name, as demonstrated by use of a www.example.con...
Design/Logic Flaw
libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perform comparisons to domain-name strings in X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a certificate associated with a similar domain name, as demonstrated by use of a www.example.con...
CVE-2010-1802
This CVE (CVE-2010-1802) affects Apple Mac OS X 10.5.8 and 10.6.4 libsecurity, where domain-name comparisons in X.509 certificates can be bypassed, enabling MITM with a certificate for a similar domain (e.g., www.example.con to spoof www.example.com). Root cause: improper domain-name comparison i...