169 matches found
Mandrake Security Advisory MDVSA-2009:237 (openssl)
The remote host is missing an update to openssl announced via advisory MDVSA-2009:237. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
Mandrake Security Advisory MDVSA-2009:239 (openssl)
The remote host is missing an update to openssl announced via advisory MDVSA-2009:239. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
Mandriva Linux Security Advisory : openssl (MDVSA-2009:238)
Multiple vulnerabilities was discovered and corrected in openssl : Use-after-free vulnerability in the dtls1retrievebufferedfragment function in ssl/d1both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service openssl sclient crash and possibly have unspecified other impa...
Debian Security Advisory DSA 1888-1 (openssl, openssl097)
The remote host is missing an update to openssl, openssl097 announced via advisory DSA 1888-1. OpenVAS Vulnerability Test $Id: deb18881.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1888-1 openssl, openssl097 Authors: Thomas Reinke Copyright: Copyright c...
DSA-1888-1 openssl - cryptographic weakness
Bulletin has no description...
[SECURITY] [DSA 1888-1] New openssl packages deprecate MD2 hash signatures
------------------------------------------------------------------------ Debian Security Advisory DSA-1888-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 15, 2009 http://www.debian.org/security/faq -...
Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : openssl vulnerability (USN-830-1)
Dan Kaminsky discovered OpenSSL would still accept certificates with MD2 hash signatures. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site. This update handles this issue by completely disabling MD2 for certificate validation. Note that...
Mandrake Security Advisory MDVSA-2009:197-2 (nss)
The remote host is missing an update to nss announced via advisory MDVSA-2009:197-2. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
Ubuntu: Security Advisory (USN-830-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mandrake Security Advisory MDVSA-2009:197-2 (nss)
The remote host is missing an update to nss announced via advisory MDVSA-2009:197-2. OpenVAS Vulnerability Test $Id: mdksa20091972.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:197-2 nss Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
USN-830-1: OpenSSL vulnerability
Dan Kaminsky discovered OpenSSL would still accept certificates with MD2 hash signatures. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site. This update handles this issue by completely disabling MD2 for certificate validation...
RHEL 3 : seamonkey (RHSA-2009:1432)
Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client,...
Critical: Red Hat Security Advisory: seamonkey security update
Updated seamonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client,...
Opera Multiple URL Spoofing Vulnerabilities - Sep09 (Linux)
This host is installed with Opera Web Browser and is prone to Multiple Spoof URL vulnerabilities. OpenVAS Vulnerability Test $Id: gboperamulturlspoofvulnsep09lin.nasl 4869 2016-12-29 11:01:45Z teissa $ Opera Multiple URL Spoofing Vulnerabilities - Sep09 Linux Authors: Sharath S Copyright: Copyrig...
Opera Multiple URL Spoofing Vulnerabilities (Sep 2009) - Windows
Opera Web Browser is prone to Multiple Spoof URL vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Opera Multiple URL Spoofing Vulnerabilities (Sep 2009) - Linux
Opera Web Browser is prone to Multiple Spoof URL vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2009-3045
Opera before 10.00 trusts root X.509 certificates signed with the MD2 algorithm, which makes it easier for man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted server certificate...
Code injection
Opera before 10.00 trusts root X.509 certificates signed with the MD2 algorithm, which makes it easier for man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted server certificate...
CVE-2009-3045
Opera before 10.00 trusts root X.509 certificates signed with MD2, enabling MITM with a crafted server certificate and spoofing of SSL servers. Affected component is the browser’s certificate handling; the root cause is acceptance of MD2-signed certificates, which undermines TLS trust. In practic...
CVE-2009-3045
Opera before 10.00 trusts root X.509 certificates signed with the MD2 algorithm, which makes it easier for man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted server certificate...