54 matches found
EUVD-2020-28175
Malware in sbrugna...
EUVD-2020-28176
Malware in sbrugna...
EUVD-2020-28177
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-7042
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because the hostname check...
Linux Distros Unpatched Vulnerability : CVE-2020-7041
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because an X509checkhost negati...
Linux Distros Unpatched Vulnerability : CVE-2020-7043
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c mishandles certificate validation because hostname comparisons do n...
OPENSUSE-SU-2024:11118-1 openfortivpn-1.17.1-1.1 on GA media
These are all security issues fixed in the openfortivpn-1.17.1-1.1 package on the GA media of openSUSE Tumbleweed...
SUSE CVE-2020-7041
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because an X509checkhost negative error code is interpreted as a successful return value...
SUSE CVE-2020-7042
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because the hostname check operates on uninitialized memory. The outcome is that a valid certificate is never accepted only a malformed certificate may be accepted...
SUSE CVE-2020-7043
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c mishandles certificate validation because hostname comparisons do not consider '\0' characters, as demonstrated by a good.example.com\x00evil.example.com attack...
Fedora: Security Advisory for openfortivpn (FEDORA-2020-dcdffcc368)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 32 Update: openfortivpn-1.12.0-1.fc32
openfortivpn is a client for PPP+SSL VPN tunnel services. It spawns a pppd process and operates the communication between the gateway and this process. It is compatible with Fortinet VPNs...
BSA-2020-926
Security Advisory ID : BSA-2020-926 Component : openfortivpn Revision : 1.0: Final tunnel.c mishandles certificate validation in openfortivpn 1.11.0 due to multiples issues. CVE-2020-7041 An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles...
[SECURITY] Fedora 31 Update: openfortivpn-1.12.0-1.fc31
openfortivpn is a client for PPP+SSL VPN tunnel services. It spawns a pppd process and operates the communication between the gateway and this process. It is compatible with Fortinet VPNs...
[SECURITY] Fedora 30 Update: openfortivpn-1.12.0-1.fc30
openfortivpn is a client for PPP+SSL VPN tunnel services. It spawns a pppd process and operates the communication between the gateway and this process. It is compatible with Fortinet VPNs...
Fedora: Security Advisory for openfortivpn (FEDORA-2020-c96ab3c813)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 31 : openfortivpn (2020-c96ab3c813)
Update to latest upstream version to fix CVE-2020-7041, CVE-2020-7042 and CVE-2020-7043. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...
Fedora 30 : openfortivpn (2020-42eb8821db)
Update to latest upstream version to fix CVE-2020-7041, CVE-2020-7042 and CVE-2020-7043. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...
Fedora: Security Advisory for openfortivpn (FEDORA-2020-42eb8821db)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : openfortivpn (openSUSE-2020-301)
This update for openfortivpn to version 1.12.0 fixes the following issues : - CVE-2020-7043: Fixed a TLS Certificate CommonName NULL Byte Vulnerability boo1165301. - CVE-2020-7042: Fixed use of uninitialized memory in X509checkhost boo1165300. - CVE-2020-7041: Fixed incorrect use of X509checkhost...