39 matches found

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2018-20727

Malware in sbrugna...

CVSS 9.8 | AI score 9.3 | EPSS 0.00182
Exploits: 0 | References: 3

Hacker One
added 2023/04/17 4:54 p.m. | 127 views

curl: CVE-2023-28321: IDN wildcard match

An improper validation of a certificate with host mismatch vulnerability was found in curl/libcurl, which allowed an attacker to perform a man-in-the-middle attack. The vulnerability was caused by the use of wildcards for validation during TLS communication, even if the hostname is an IDN. This...

CVSS 5.9 | AI score 6.7 | EPSS 0.00297
Exploits: 1

OpenVAS
added 2022/01/28 12:0 a.m. | 7 views

Mageia: Security Advisory (MGASA-2013-0376)

The remote host is missing an update for the...

AI score 7.5
Exploits: 0 | References: 7

Prion
added 2018/04/02 5:29 p.m. | 13 views

Code injection

Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certificates and could accept certain certificates as valid for hostnames when, under RFC 6125 rules, they should not match. This only affects certificates issued to the same domain as the host, so to impersonate a host one must alrea...

CVSS 7.5 | AI score 9.3 | EPSS 0.00182
Exploits: 0 | References: 1 | Affected Software: 1

OSV
added 2018/04/02 5:29 p.m. | 13 views

CVE-2018-9127

Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certificates and could accept certain certificates as valid for hostnames when, under RFC 6125 rules, they should not match. This only affects certificates issued to the same domain as the host, so to impersonate a host one must alrea...

CVSS 9.8 | AI score 7
Exploits: 0 | References: 1

NVD
added 2018/04/02 5:29 p.m. | 10 views

CVE-2018-9127

Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certificates and could accept certain certificates as valid for hostnames when, under RFC 6125 rules, they should not match. This only affects certificates issued to the same domain as the host, so to impersonate a host one must alrea...

CVSS 9.8 | AI score 9.4 | EPSS 0.00182
Exploits: 0 | References: 1

UbuntuCve
added 2018/04/02 5:29 p.m. | 16 views

CVE-2018-9127

Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certificates and could accept certain certificates as valid for hostnames when, under RFC 6125 rules, they should not match. This only affects certificates issued to the same domain as the host, so to impersonate a host one must alrea...

CVSS 9.8 | AI score 7.2 | EPSS 0.00182
Exploits: 0 | References: 2

Cvelist
added 2018/04/02 5:0 p.m. | 15 views

CVE-2018-9127

Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certificates and could accept certain certificates as valid for hostnames when, under RFC 6125 rules, they should not match. This only affects certificates issued to the same domain as the host, so to impersonate a host one must alrea...

AI score 9.4 | EPSS 0.00182
Exploits: 0 | References: 1

AlpineLinux
added 2018/04/02 5:0 p.m. | 24 views

CVE-2018-9127

Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certificates and could accept certain certificates as valid for hostnames when, under RFC 6125 rules, they should not match. This only affects certificates issued to the same domain as the host, so to impersonate a host one must alrea...

CVSS 9.8 | AI score 9.5 | EPSS 0.00182
Exploits: 0

CVE
added 2018/04/02 5:0 p.m. | 66 views

CVE-2018-9127

CVE-2018-9127 affects Botan library versions 2.2.0–2.4.0; the issue arises from improper wildcard certificate handling, allowing certain certificates to be treated as valid for hostnames under RFC 6125 rules within the same domain. The vulnerability could enable host impersonation if an attacker ...

CVSS 9.8 | AI score 9.3 | EPSS 0.00182
Exploits: 0 | References: 1 | Affected Software: 1

Debian CVE
added 2018/04/02 5:0 p.m. | 14 views

CVE-2018-9127

Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certificates and could accept certain certificates as valid for hostnames when, under RFC 6125 rules, they should not match. This only affects certificates issued to the same domain as the host, so to impersonate a host one must alrea...

CVSS 9.8 | AI score 8.5 | EPSS 0.00182
Exploits: 0

UbuntuCve
added 2017/04/10 3:59 p.m. | 21 views

CVE-2015-7826

botan 1.11.x before 1.11.22 improperly handles wildcard matching against hostnames, which might allow remote attackers to have unspecified impact via a valid X.509 certificate, as demonstrated by accepting *.example.com as a match for bar.foo.example.com. Otherwise valid certificates using wildcar...

CVSS 9.8 | AI score 7.3 | EPSS 0.00429
Exploits: 0 | References: 2

OSV
added 2016/12/21 8:0 a.m. | 8 views

CURL-CVE-2016-9952 Win CE Schannel cert wildcard matches too much

curl's TLS server certificate checks are flawed on Windows CE. This vulnerability occurs in the verify certificate function when comparing a wildcard certificate name as returned by the Windows API function CertGetNameString to the hostname used to make the connection to the server. The...

CVSS 8.1 | AI score 7.9 | EPSS 0.00397
Exploits: 0

UbuntuCve
added 2016/06/07 6:59 p.m. | 26 views

CVE-2013-7440

The ssl.match_hostname function in CPython (aka Python) before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate...

CVSS 5.9 | AI score 6.6 | EPSS 0.00358
Exploits: 0 | References: 3

Debian
added 2015/05/30 8:45 p.m. | 34 views

[SECURITY] [DLA 235-1] ruby1.9.1 security update

Package: ruby1.9.1
Version: 1.9.2.0-2+deb6u4
CVE ID: CVE-2011-0188 CVE-2011-2705 CVE-2012-4522 CVE-2013-0256 CVE-2013-2065 CVE-2015-1855

CVE-2011-0188: The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and oth...

CVSS 6.8 | AI score 6.8 | EPSS 0.0272
Exploits: 2

OSV
added 2015/05/30 12:0 a.m. | 34 views

DLA-235-1 ruby1.9.1 - security update

Bulletin has no description...

CVSS 6.8 | AI score 6 | EPSS 0.0272
Exploits: 2

Tenable Nessus
added 2015/05/19 12:0 a.m. | 27 views

Debian DLA-224-1 : ruby1.8 security update

It was discovered that the Ruby OpenSSL extension, part of the interpreter for the Ruby language, did not properly implement hostname matching, in violation of RFC 6125. This could allow remote attackers to perform a man-in-the-middle attack via crafted SSL certificates. For the oldoldstable...

CVSS 5.9 | AI score 7 | EPSS 0.0272
Exploits: 0 | References: 3

OSV
added 2015/05/18 12:0 a.m. | 31 views

DLA-224-1 ruby1.8 - security update

Bulletin has no description...

CVSS 5.9 | AI score 6 | EPSS 0.0272
Exploits: 0

Tenable Nessus
added 2015/05/05 12:0 a.m. | 28 views

Debian DSA-3247-1 : ruby2.1 - security update

It was discovered that the Ruby OpenSSL extension, part of the interpreter for the Ruby language, did not properly implement hostname matching, in violation of RFC 6125. This could allow remote attackers to perform a man-in-the-middle attack via crafted SSL certificates...

CVSS 5.9 | AI score 7 | EPSS 0.0272
Exploits: 0 | References: 3

Tenable Nessus
added 2015/05/05 12:0 a.m. | 32 views

Mandriva Linux Security Advisory : ruby (MDVSA-2015:224)

Updated ruby packages fix security vulnerability: Ruby OpenSSL hostname matching implementation violates RFC 6125 (CVE-2015-1855). The ruby packages for MBS2 have been updated to version 2.0.0-p645, which fixes this issue...

CVSS 5.9 | AI score 6.8 | EPSS 0.0272
Exploits: 0 | References: 2