CVE-2019-1659

CVE-2019-1659 describes a certificate-validation flaw in the Cisco Prime Infrastructure (PI) SSL tunnel when the PI server is integrated with Identity Services Engine (ISE). The issue arises from improper validation of the server SSL certificate, enabling an unauthenticated, remote attacker to pe...

PHP SSL Module "subjectAltNames"空字节处理安全绕过漏洞

Bugtraq ID:61776 PHP是一种HTML内嵌式的脚本语言 PHP SSL模块不正确处理服务器SSL证书中"subjectAltNames"通用名中的空字节，允许攻击者利用漏洞进行中间人攻击，获取敏感信息 0 PHP 5.3.27 PHP 5.4.17 PHP 5.5.1 厂商解决方案 用户可参考如下厂商提供的安全补丁以修复该漏洞： http://git.php.net/?p=php-src.git;a=commit;h=dcea4ec698dcae39b7bba6f6aa08933cbfee6755...