CVE-2005-0203

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate has been revoked by its Candidate Numbering Authority CNA because it was initially assigned to a problem that was not a security issue. Notes: none...

PT-2005-2275 · Apache +1 · Apache Mod Ssl +2

Name of the Vulnerable Software and Affected Versions: Apache mod ssl affected versions not specified Description: The issue is related to an off-by-one error in the mod ssl Certificate Revocation List CRL verification callback, which can cause a denial of service child process crash via a CRL th...

[AppSecInc Team SHATTER Security Advisory] SQL Injection in CREATE_SCN_CHANGE_SET procedure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SQL Injection in CREATESCNCHANGESET procedure AppSecInc Team SHATTER Security Advisory http://www.appsecinc.com/resources/alerts/oracle/2005-05.html April 18, 2005 Affected versions: Oracle Database Server version 10g Risk level: High Credits: This...

Fedora Core 1 : gnupg-1.2.3-2 (2003-025)

Phong Nguyen identified a severe bug in the way GnuPG creates and uses ElGamal keys, when those keys are used both to sign and encrypt data. This vulnerability can be used to trivially recover the private key. While the default behavior of GnuPG when generating keys does not lead to the creation ...

GnuPG creates ElGamal keys for signing using insufficient entropy

Overview Gnu Privacy Guard GnuPG is a cryptographic utility used to generate cryptographic keys and perform other cryptographic functions. A vulnerability in the way GnuPG generates ElGamal keys has been discovered. This vulnerability renders ElGamal signing key untrustworthy. Description A...

Important: Red Hat Security Advisory: : Updated gnupg packages disable ElGamal keys

Updated gnupg packages are now available for Red Hat Linux. These updates disable the ability to generate ElGamal keys used for both signing and encrypting and disable the ability to use ElGamal public keys for encrypting data. GnuPG is a utility for encrypting data and creating digital signature...

[Full-Disclosure] GnuPG's ElGamal signing keys compromised

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 GnuPG's ElGamal signing keys compromised ========================================== Summary ======= Phong Nguyen identified a severe bug in the way GnuPG creates and uses ElGamal keys for signing. This is a significant security failure which can lead ...

CVE-2001-0338

The CVE-2001-0338 entry corresponds to Internet Explorer 5.5 and earlier failing to properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled. The underlying issue is that, during CRL checking, IE does not consistently perform essential validity checks (e.g...

CVE-2001-0338

Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List CRL checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability."...

TrendMicro InterScan WebManager contains buffer overflow in RegGo.dll

Overview A remotely exploitable buffer overflow exists in Trend Micro InterScan WebManager. Description InterScan WebManager is an application that inspects http traffic flowing into a network for known malicious code. This application also has the capability to restrict access to...

Unauthentic "Microsoft Corporation" certificates issued by Verisign to an unidentifed person

Overview On January 29 and 30, 2001, VeriSign, Inc. issued two certificates to an individual fraudulently claiming to be an employee of Microsoft Corporation. Any code signed by these certificates will appear to be legitimately signed by Microsoft when, in fact, it is not. Although users who try ...

Security update 1970-01-01

...