Lucene search
K

169 matches found

RedHat Linux
RedHat Linux
added 2009/08/12 2:31 p.m.49 views

Critical: Red Hat Security Advisory: nspr and nss security update

Updated nspr and nss packages that fix security issues are now available for Red Hat Enterprise Linux 5.2 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Response Team. Netscape Portable Runtime NSPR provides platform independence for...

9.3CVSS7.2AI score0.05741EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2009/08/10 12:0 a.m.43 views

Mandriva Linux Security Advisory : nss (MDVSA-2009:197-3)

Security issues in nss prior to 3.12.3 could lead to a man-in-the-middle attack via a spoofed X.509 certificate CVE-2009-2408 and md2 algorithm flaws CVE-2009-2409, and also cause a denial-of-service and possible code execution via a long domain name in X.509 certificate CVE-2009-2404. This updat...

9.3CVSS7.6AI score0.05741EPSS
Exploits5References3
OpenVAS
OpenVAS
added 2009/08/05 12:0 a.m.44 views

OpenSSL/GnuTLS SSL Server Spoofing Vulnerability - Windows

OpenSSL/GnuTLS is prone to an SSL server spoofing vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.1CVSS6.3AI score0.04506EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2009/08/05 12:0 a.m.44 views

Firefox SSL Server Spoofing Vulnerability - Windows

Mozilla Firefox browser is prone to SSL server spoofing vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.7AI score0.05741EPSS
Exploits4References3
OpenVAS
OpenVAS
added 2009/08/05 12:0 a.m.19 views

Firefox SSL Server Spoofing Vulnerability (Windows)

The host is installed with Mozilla Firefox browser and is prone to SSL server spoofing vulnerability. OpenVAS Vulnerability Test $Id: gbfirefoxsslspoofvulnwin.nasl 6530 2017-07-05 06:23:50Z cfischer $ Firefox SSL Server Spoofing Vulnerability Windows Authors: Nikita MR Copyright: Copyright c 2009...

6.8CVSS6.7AI score0.05741EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2009/08/05 12:0 a.m.30 views

Ubuntu 8.04 LTS / 8.10 / 9.04 : nss vulnerabilities (USN-810-1)

Moxie Marlinspike discovered that NSS did not properly handle regular expressions in certificate names. A remote attacker could create a specially crafted certificate to cause a denial of service via application crash or execute arbitrary code as the user invoking the program. CVE-2009-2404 Moxie...

9.3CVSS7.5AI score0.05741EPSS
Exploits5References4
Ubuntu
Ubuntu
added 2009/08/04 9:19 p.m.89 views

USN-810-1: NSS vulnerabilities

Moxie Marlinspike discovered that NSS did not properly handle regular expressions in certificate names. A remote attacker could create a specially crafted certificate to cause a denial of service via application crash or execute arbitrary code as the user invoking the program. CVE-2009-2404 Moxie...

9.3CVSS7.6AI score0.05741EPSS
Exploits5
RedHat Linux
RedHat Linux
added 2009/07/31 2:26 p.m.8 views

deprecate MD2 in SSL cert validation (Kaminsky)

The Network Security Services NSS library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash...

5.1CVSS6.6AI score0.04506EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2009/07/31 2:26 p.m.52 views

Critical: Red Hat Security Advisory: nspr and nss security and bug fix update

Updated nspr and nss packages that fix security issues and bugs are now available for Red Hat Enterprise Linux 4.7 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Response Team. Netscape Portable Runtime NSPR provides platform...

9.3CVSS7.2AI score0.05741EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2009/07/31 12:0 a.m.48 views

RHEL 5 : nspr and nss (RHSA-2009:1186)

Updated nspr and nss packages that fix security issues, bugs, and add an enhancement are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. The packages with this update are identical to the packages...

9.3CVSS7.3AI score0.05741EPSS
Exploits5References8
Tenable Nessus
Tenable Nessus
added 2009/07/31 12:0 a.m.35 views

RHEL 4 : nspr and nss (RHSA-2009:1184)

Updated nspr and nss packages that fix security issues and a bug are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Netscape Portable Runtime NSPR provides platform independence for non-GUI operati...

9.3CVSS7.2AI score0.05741EPSS
Exploits5References7
RedHat Linux
RedHat Linux
added 2009/07/30 10:20 p.m.43 views

Critical: Red Hat Security Advisory: nspr and nss security, bug fix, and enhancement update

Updated nspr and nss packages that fix security issues, bugs, and add an enhancement are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. The packages with this update are identical to the packages...

9.3CVSS7.2AI score0.05741EPSS
Exploits5References5
RedHat Linux
RedHat Linux
added 2009/07/30 10:9 p.m.69 views

Critical: Red Hat Security Advisory: nspr and nss security and bug fix update

Updated nspr and nss packages that fix security issues and a bug are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Netscape Portable Runtime NSPR provides platform independence for non-GUI operati...

9.3CVSS7.2AI score0.05741EPSS
Exploits5References5
OSV
OSV
added 2009/07/30 7:30 p.m.10 views

CVE-2009-2409

The Network Security Services NSS library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash...

5.1CVSS5.6AI score0.04506EPSS
Exploits0References38
Prion
Prion
added 2009/07/30 7:30 p.m.26 views

Code injection

The Network Security Services NSS library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash...

5.1CVSS6.6AI score0.04506EPSS
Exploits0References37Affected Software3
NVD
NVD
added 2009/07/30 7:30 p.m.26 views

CVE-2009-2409

The Network Security Services NSS library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash...

5.1CVSS5.8AI score0.04506EPSS
Exploits0References37
Cvelist
Cvelist
added 2009/07/30 7:0 p.m.32 views

CVE-2009-2409

The Network Security Services NSS library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash...

6AI score0.04506EPSS
Exploits0References37
Debian CVE
Debian CVE
added 2009/07/30 7:0 p.m.67 views

CVE-2009-2409

The Network Security Services NSS library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash...

5.1CVSS7.5AI score0.04506EPSS
Exploits0
CVE
CVE
added 2009/07/30 7:0 p.m.197 views

CVE-2009-2409

CVE-2009-2409 involves MD2 use in X.509 certificate signatures across NSS, GnuTLS, and OpenSSL. Root cause: MD2 hash weaknesses allow forging/collision-based certificate spoofing; public updates disable/avoid MD2 and patch implementations. Affected components include NSS library (Firefox usage), ...

5.1CVSS5.8AI score0.04506EPSS
Exploits0References37Affected Software3
UbuntuCve
UbuntuCve
added 2009/07/30 12:0 a.m.37 views

CVE-2009-2409

The Network Security Services NSS library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash...

5.1CVSS6.7AI score0.04506EPSS
Exploits0References5
Rows per page
Query Builder