21 matches found
CVE-2020-16163
An issue was discovered in RIPE NCC RPKI Validator 3.x before 3.1-2020.07.06.14.28. RRDP fetches proceed even with a lack of validation of a TLS HTTPS endpoint. This allows remote attackers to bypass intended access restrictions, or to trigger denial of service to traffic directed to co-dependent...
CVE-2020-16164
An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14.28. It allows remote attackers to bypass intended access restrictions or to cause a denial of service on dependent routing systems by strategically withholding RPKI Route Origin Authorisation ".roa" files or X509...
CVE-2020-16162
An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14.28. Missing validation checks on CRL presence or CRL staleness in the X509-based RPKI certificate-tree validation procedure allow remote attackers to bypass intended access restrictions by using revoked certificates...
Debian dla-4066 : fort-validator - security update
The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4066 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4066-1 [email protected]...
NLnet Labs Routinator 安全漏洞
NLnet Labs Routinator is an RPKI Resource Public Key Infrastructure validator from NLnet Labs in the Netherlands written in the Rust language. A security vulnerability exists in NLnet Labs Routinator versions 0.9.0 through 0.11.2, which stems from an error in error handling, where data in RRDP...
NLnet Labs Routinator 安全漏洞
NLnet Labs Routinator is an RPKI Resource Public Key Infrastructure validator written in Rust from Stichting NLnet Stichting Nlnet Labs in the Netherlands. NLnet Labs Routinator prior suffers from a security vulnerability that stems from the lack of an effective trust management mechanism in a...
Unspecified Vulnerability in RIPE NCC RPKI Validator (CNVD-2020-52431)
RIPE NCC RPKI Validator is an RPKI validator from RIPE NCC in the Netherlands. A security vulnerability exists in version 3.x of RIPE NCC RPKI Validator prior to 3.1-2020.07.06.14.28. A remote attacker could exploit the vulnerability to bypass access restrictions...
Unspecified Vulnerability in RIPE NCC RPKI Validator (CNVD-2020-52430)
RIPE NCC RPKI Validator is an RPKI validator from RIPE NCC in the Netherlands. A security vulnerability exists in RIPE NCC RPKI Validator versions 3.x through 3.1-2020.07.06.14.28. A remote attacker could exploit the vulnerability to bypass access restrictions or cause a denial of service...
CVE-2020-16162
An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14.28. Missing validation checks on CRL presence or CRL staleness in the X509-based RPKI certificate-tree validation procedure allow remote attackers to bypass intended access restrictions by using revoked certificates...
CVE-2020-16163
An issue was discovered in RIPE NCC RPKI Validator 3.x before 3.1-2020.07.06.14.28. RRDP fetches proceed even with a lack of validation of a TLS HTTPS endpoint. This allows remote attackers to bypass intended access restrictions, or to trigger denial of service to traffic directed to co-dependent...
CVE-2020-16162
An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14.28. Missing validation checks on CRL presence or CRL staleness in the X509-based RPKI certificate-tree validation procedure allow remote attackers to bypass intended access restrictions by using revoked certificates...
CVE-2020-16164
An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14.28. It allows remote attackers to bypass intended access restrictions or to cause a denial of service on dependent routing systems by strategically withholding RPKI Route Origin Authorisation ".roa" files or X509...
CVE-2020-16164
An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14.28. It allows remote attackers to bypass intended access restrictions or to cause a denial of service on dependent routing systems by strategically withholding RPKI Route Origin Authorisation ".roa" files or X509...
CVE-2020-16163
An issue was discovered in RIPE NCC RPKI Validator 3.x before 3.1-2020.07.06.14.28. RRDP fetches proceed even with a lack of validation of a TLS HTTPS endpoint. This allows remote attackers to bypass intended access restrictions, or to trigger denial of service to traffic directed to co-dependent...
Design/Logic Flaw
An issue was discovered in RIPE NCC RPKI Validator 3.x before 3.1-2020.07.06.14.28. RRDP fetches proceed even with a lack of validation of a TLS HTTPS endpoint. This allows remote attackers to bypass intended access restrictions, or to trigger denial of service to traffic directed to co-dependent...
Input validation
An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14.28. Missing validation checks on CRL presence or CRL staleness in the X509-based RPKI certificate-tree validation procedure allow remote attackers to bypass intended access restrictions by using revoked certificates...
CVE-2020-16162
An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14.28. Missing validation checks on CRL presence or CRL staleness in the X509-based RPKI certificate-tree validation procedure allow remote attackers to bypass intended access restrictions by using revoked certificates...
CVE-2020-16163
CVE-2020-16163 affects RIPE NCC RPKI Validator 3.x before 3.1-2020.07.06.14.28. The bug allows RRDP fetches to proceed without validating a TLS HTTPS endpoint, potentially allowing remote attackers to bypass access restrictions or cause DoS on co-dependent routing systems (RFC 8182 caveat noted b...
CVE-2020-16163
An issue was discovered in RIPE NCC RPKI Validator 3.x before 3.1-2020.07.06.14.28. RRDP fetches proceed even with a lack of validation of a TLS HTTPS endpoint. This allows remote attackers to bypass intended access restrictions, or to trigger denial of service to traffic directed to co-dependent...
CVE-2020-16164
An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14.28. It allows remote attackers to bypass intended access restrictions or to cause a denial of service on dependent routing systems by strategically withholding RPKI Route Origin Authorisation ".roa" files or X509...