Ubuntu 12.10 : keystone vulnerability (USN-1772-1)

Guang Yee discovered that Keystone would not always perform all verification checks when configured to use PKI. If the keystone server was configured to use PKI and services or users requested online verification, an attacker could potentially exploit this to bypass revocation checks. Keystone us...

CVE-2013-1865

OpenStack Keystone Folsom 2012.2 does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token...

Skype Click To Call 6.2.0.106 Privilege Escalation

Vuln Title: Skype Click to Call Update Service local privilege escalation Date: 10.12.2012 Author: otr Software Link: http://www.skype.com Vendor: Microsoft Corporation Version: = 6.2.0.106 Tested on: Windows 7, Windows XP Type: Privilege Escalation, DLL Hijacking CVE : MS does not assign CVE for...

ipa security update

CentOS Errata and Security Advisory CESA-2013:0528 Updated ipa packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common...

ipa: servers do not publish correct CRLs

The default configuration for IPA servers in Red Hat Enterprise Linux 6, when revoking a certificate from an Identity Management replica, does not properly update another Identity Management replica, which causes inconsistent Certificate Revocation Lists CRLs to be used and might allow remote...

Recommended to 12.10 (important)

Fixed security issues: -an issue that could cause Opera not to correctly check for certificate revocation; -an issue where CORS requests could incorrectly retrieve contents of cross origin pages; -an issue where data URIs could be used to facilitate Cross-Site Scripting; -a high severity issue, a...

Mandriva Update for rootcerts MDVSA-2013:003 (rootcerts)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Chrome 24 Fixes More Than 20 Flaws

Google has patched a huge number of security vulnerabilities in its Chrome browser, fixing 11 high-severity flaws. The release of Chrome 24 also includes patches for a number of other lower-priority vulnerabilities. Chrome 24 is a major security update from Google and there are several bugs fixed...

Mandriva Linux Security Advisory : rootcerts (MDVSA-2013:003)

Google reported to Mozilla that TURKTRUST, a certificate authority in Mozillas root program, had mis-issued two intermediate certificates to customers. The issue was not specific to Firefox but there was evidence that one of the certificates was used for man-in-the-middle MITM traffic management ...

Opera Multiple Vulnerabilities-03 Jan13 (Windows)

The host is installed with Opera and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboperamultvuln03jan13win.nasl 6093 2017-05-10 09:03:18Z teissa $ Opera Multiple Vulnerabilities-03 Jan13 Windows Authors: Antu Sanadi Copyright: Copyright c 2013 Greenbone Networks GmbH,...

Opera Multiple Vulnerabilities-03 Jan13 (Mac OS X)

The host is installed with Opera and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboperamultvuln03jan13macosx.nasl 6093 2017-05-10 09:03:18Z teissa $ Opera Multiple Vulnerabilities-03 Jan13 Mac OS X Authors: Antu Sanadi Copyright: Copyright c 2013 Greenbone Networks GmbH...

Opera Multiple Vulnerabilities-03 (Jan 2013) - Windows

Opera is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Opera Multiple Vulnerabilities-03 (Jan 2013) - Mac OS X

Opera is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fake Turkish digital Certificates blocked by Browser vendors

It’s the news of the day, a fraudulent digital certificate that could be used for active phishing attacks against Google’s web properties. Using the certificate it is possible to spoof content in a classic phishing schema or perform a man-in-the-middle attack according Google Chrome Security Team...

Microsoft Releases Security Advisory on Fraudulent Digital Certificates

Microsoft has released Security Advisory 2798897 in response to active attacks using fraudulent digital certificates issued by TURKTRUST Inc. These fraudulent certificates could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This vulnerability affects al...

Design/Logic Flaw

The X.509 certificate-validation functionality in the https implementation in Opera before 12.10 allows remote attackers to trigger a false indication of successful revocation-status checking by causing a failure of a single checking service...

CVE-2012-6461

Opera: CVE-2012-6461 concerns the X.509 certificate-validation in Opera’s HTTPS implementation. Affected: Opera before 12.10. Description: remote attackers could cause a false indication of revocation-status success by triggering a failure of a single checking service. Mitigation: upgrade to a ne...

CVE-2012-6461

The X.509 certificate-validation functionality in the https implementation in Opera before 12.10 allows remote attackers to trigger a false indication of successful revocation-status checking by causing a failure of a single checking service...

SuSE Update for opera openSUSE-SU-2012:1481-1 (opera)

Check for the Version of opera OpenVAS Vulnerability Test $Id: gbsuse201214811.nasl 8253 2017-12-28 06:29:51Z teissa $ SuSE Update for opera openSUSE-SU-2012:1481-1 opera Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is...

openSUSE: Security Advisory for opera (openSUSE-SU-2012:1481-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...