2077 matches found
December 13, 2016 — KB3205386 (OS Build 10586.713)
December 13, 2016 — KB3205386 OS Build 10586.713 Improvements and fixes This security update includes these additional improvements and fixes. No new operating system features are being introduced in this update. Key changes include: Improved reliability of Internet Explorer. Addressed issue with...
License cannot be installed in Veeam ONE
Challenge When installing the license file, the following error message may occur: License signature is invalid Copy Cause Sometimes the license check module is unable to process the license key correctly, some certificates are missing, outdated or machine has no internet connection to verify the...
OWASP SSL TLS Scanning : DeepViolet
DeepViolet is a TLS/SSL scanning API written in Java. To keep DeepViolet easy to use, identify bugs, reference implementations have been developed that consume the API. If you want to see what DeepViolet can do, use it from the command line in your scripts or use the graphical tool from the comfo...
DEBIAN-CVE-2016-7052
crypto/x509/x509vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service NULL pointer dereference and application crash by triggering a CRL operation...
OpenSSL Fixes Critical Bug Introduced by Latest Update
OpenSSL today released an emergency security update after a patch in its most recent update issued last week introduced a critical vulnerability in the cryptographic library. The new flaw affects only OpenSSL 1.1.0a, which was made available last Thursday; users are urged to update to 1.1.0b...
CVE-2016-5404
The certrevoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission...
Command injection
The certrevoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission...
RedHat Update for ipa RHSA-2016:1797-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Aruba Networks / Alcatel-Lucent Private Key Disclosure
This advisory is accompanied by a blog post regarding a recap on our published "House of Keys" research study on the re-use of cryptographic secrets from 11/2015. For further information also see http://blog.sec-consult.com/2016/09/house-of-keys-9-months-later-40-worse.html SEC Consult...
CentOS Update for ipa-admintools CESA-2016:1797 centos7
Check the version of ipa-admintools SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882554";...
CentOS Update for ipa-admintools CESA-2016:1797 centos6
Check the version of ipa-admintools SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882553";...
Scientific Linux Security Update : ipa on SL6.x, SL7.x i386/x86_64 (20160901)
Security Fixes : - An insufficient permission check issue was found in the way IPA server treats certificate revocation requests. An attacker logged in with the 'retrieve certificate' permission enabled could use this flaw to revoke certificates, possibly triggering a denial of service attack...
ipa security update
CentOS Errata and Security Advisory CESA-2016:1797 An update for ipa is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which...
ipa: Insufficient privileges check in certificate revocation
An insufficient permission check issue was found in the way IPA server treats certificate revocation requests. An attacker logged in with the 'retrieve certificate' permission enabled could use this flaw to revoke certificates, possibly triggering a denial of service attack...
Moderate: Red Hat Security Advisory: ipa security update
An update for ipa is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
ipa security update
3.0.0-50.el6.2 - Resolves: 1351593 CVE-2016-5404 ipa: Insufficient privileges check in certificate revocation - cert-revoke: fix permission check bypass CVE-2016-5404...
CVE-2016-5404
An insufficient permission check issue was found in the way IPA server treats certificate revocation requests. An attacker logged in with the 'retrieve certificate' permission enabled could use this flaw to revoke certificates, possibly triggering a denial of service attack...
Doorkeeper gem does not revoke tokens & uses wrong auth/auth method
Doorkeeper failed to implement OAuth 2.0 Token Revocation RFC 7009 in the following ways: 1. Public clients making valid, unauthenticated calls to revoke a token would not have their token revoked 2. Requests were not properly authenticating the client credentials but were, instead, looking at th...
Unspecified vulnerability in Red Hat IPA server
Red Hat IPA server is an authentication solution from Red Hat. A security vulnerability exists in Red Hat IPA server, which is caused by the program failing to adequately check certificates. The vulnerability can be exploited by an attacker to log in as 'retrieve certificate', revoke a certificat...
Moodle 2.6.x < 2.6.11 / 2.7.x < 2.7.8 Multiple Vulnerabilities
Binary data 9426.prm...