33 matches found
EUVD-2003-0950
Malware in sbrugna...
EUVD-2008-0566
Malware in sbrugna...
EUVD-2004-0004
Malware in sbrugna...
EUVD-2004-0785
Malware in sbrugna...
SUSE CVE-2003-0960
OpenCA before 0.9.1.4 does not use the correct certificate in a chain to check the serial, which could cause OpenCA to accept revoked or expired certificates...
OpenCA Detection
Detection of OpenCA. The script sends a connection request to the server and attempts to extract the version number from the reply. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
OpenCA HTML injection
OpenCA is vulnerable to a HTML injection attack due to inadequate validation / filtering of user input into a web form frontend. SPDX-FileCopyrightText: 2009 LSS Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
OpenCA allows Cross site request forgery (XSRF)
Overview OpenCA contains a cross site request forgery XSRF vulnerability that may allow an attacker to leverage an administrator's creditials to exectue activities on the Certification Authority. Description The OpenCA PKI Development Project\t is an open source out-of-the-box Certification...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in OpenCA PKI 0.9.2.5, and possibly earlier versions, allows remote attackers to perform unauthorized actions as authorized users via a link or IMG tag to RAServer...
CVE-2008-0556
Cross-site request forgery CSRF vulnerability in OpenCA PKI 0.9.2.5, and possibly earlier versions, allows remote attackers to perform unauthorized actions as authorized users via a link or IMG tag to RAServer...
CVE-2008-0556
Cross-site request forgery CSRF vulnerability in OpenCA PKI 0.9.2.5, and possibly earlier versions, allows remote attackers to perform unauthorized actions as authorized users via a link or IMG tag to RAServer...
CVE-2008-0556
CVE-2008-0556 describes a cross-site request forgery (CSRF) vulnerability in the OpenCA PKI project, affecting version 0.9.2.5 and possibly earlier. The vulnerability allows an attacker to coerce an authenticated administrator to perform unauthorized actions on the Certification Authority by luri...
OpenCA multiple signature validation bypass
The remote host seems to be running an older version of OpenCA. It is reported that OpenCA versions up to and including 0.9.1.3 contains multiple flaws that may allow revoked or expired certificates to be accepted as valid. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might ...
OpenCA signature verification flaw
The remote host seems to be running an older version of OpenCA. It is reported that OpenCA versions up to and including 0.9.1.6 contains a flaw that may lead an attacker to bypass signature verification of a certificate. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be...
CVE-2004-0787
Cross-site scripting XSS vulnerability in the web frontend in OpenCA 0.9.1-8 and earlier, and 0.9.2 RC6 and earlier, allows remote attackers to inject arbitrary web script or HTML via the form input fields...
CVE-2004-0787
OpenCA is vulnerable to an HTML injection/XSS in its web front end via form input fields. Affected versions are OpenCA 0.9.1-8 and earlier and 0.9.2 RC6 and earlier. The root cause is inadequate validation/ filtering of user input in the web form frontend, allowing injection of HTML/ script throu...
CVE-2004-0787
Cross-site scripting XSS vulnerability in the web frontend in OpenCA 0.9.1-8 and earlier, and 0.9.2 RC6 and earlier, allows remote attackers to inject arbitrary web script or HTML via the form input fields...
OpenCA crypto-utils.lib libCheckSignature Function Signature Validation Weakness
The remote host seems to be running an older version of OpenCA. It is reported that OpenCA versions up to and incluing 0.9.1.6 contains a flaw that may lead an attacker to bypass signature verification of a certificate. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
OpenCA Multiple Signature Validation Bypass
The remote host seems to be running an older version of OpenCA. It is reported that OpenCA versions up to and incluing 0.9.1.3 contains multiple flaws that may allow revoked or expired certificates to be accepted as valid. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
OpenCA Client System Browser Form Input Field XSS
The remote host seems to be running an older version of OpenCA. It is reported that OpenCA versions up to and including 0.9.2-RC2 are affected by an HTML injection vulnerability when processing user input to the web form frontend. This issue may permit an attacker to execute hostile HTML code in...