107 matches found
Mandriva Linux Security Advisory : perl-IO-Socket-SSL (MDVSA-2009:252-1)
A vulnerability was discovered and corrected in perl-IO-Socket-SSL : The verifyhostnameofcert function in the certificate checking feature in IO-Socket-SSL IO::Socket::SSL 1.14 through 1.25 only matches the prefix of a hostname when no wildcard is used, which allows remote attackers to bypass the...
MDVSA-2009:178 : perl-IO-Socket-SSL
A vulnerability was discovered and corrected in perl-IO-Socket-SSL: The verifyhostnameofcert function in the certificate checking feature in IO-Socket-SSL IO::Socket::SSL 1.14 through 1.25 only matches the prefix of a hostname when no wildcard is used, which allows remote attackers to bypass the...
SuSE 11 Security Update : perl-IO-Socket-SSL (SAT Patch Number 1265)
This update of perl-IO-Socket-SSL improves the hostname checking of the SSL certificate. CVE-2009-3024 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell,...
Phishing Tool
Added: 09/23/2009 Background This tool serves an HTML form which collects information from users. It allows you to either replicate a real web page, or specify a custom header graphic, a custom footer graphic, and an introductory text message. For best results, design the HTML form to look like a...
Phishing Tool
Added: 09/23/2009 Background This tool serves an HTML form which collects information from users. It allows you to either replicate a real web page, or specify a custom header graphic, a custom footer graphic, and an introductory text message. For best results, design the HTML form to look like a...
Phishing Tool
Added: 09/23/2009 Background This tool serves an HTML form which collects information from users. It allows you to either replicate a real web page, or specify a custom header graphic, a custom footer graphic, and an introductory text message. For best results, design the HTML form to look like a...
Phishing Tool
Added: 09/23/2009 Background This tool serves an HTML form which collects information from users. It allows you to either replicate a real web page, or specify a custom header graphic, a custom footer graphic, and an introductory text message. For best results, design the HTML form to look like a...
openSUSE Security Update : perl-IO-Socket-SSL (perl-IO-Socket-SSL-1264)
This update of perl-IO-Socket-SSL improves the hostname checking of the SSL certificate. CVE-2009-3024 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update perl-IO-Socket-SSL-1264. The text...
Oracle Secure Backup property_box.php type parameter command execution
Added: 09/01/2009 CVE: CVE-2009-1978 BID: 35678 OSVDB: 55904 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command execution vulnerability in the Oracle Secure Backup web interface allows remote attackers to execute arbitrary...
CVE-2009-3024
The verifyhostnameofcert function in the certificate checking feature in IO-Socket-SSL IO::Socket::SSL 1.14 through 1.25 only matches the prefix of a hostname when no wildcard is used, which allows remote attackers to bypass the hostname check for a certificate...
DEBIAN-CVE-2009-3024
The verifyhostnameofcert function in the certificate checking feature in IO-Socket-SSL IO::Socket::SSL 1.14 through 1.25 only matches the prefix of a hostname when no wildcard is used, which allows remote attackers to bypass the hostname check for a certificate...
CVE-2009-3024
CVE-2009-3024 affects the Perl IO::Socket::SSL module (versions 1.14–1.25). The verify_hostname_of_cert() function only matches the hostname prefix when no wildcard is used, allowing remote attackers to bypass hostname verification. Gentoo GLSA 201101-06 and related OpenVAS entries indicate vulne...
CVE-2009-3024
The verifyhostnameofcert function in the certificate checking feature in IO-Socket-SSL IO::Socket::SSL 1.14 through 1.25 only matches the prefix of a hostname when no wildcard is used, which allows remote attackers to bypass the hostname check for a certificate...
CVE-2009-3024
The verifyhostnameofcert function in the certificate checking feature in IO-Socket-SSL IO::Socket::SSL 1.14 through 1.25 only matches the prefix of a hostname when no wildcard is used, which allows remote attackers to bypass the hostname check for a certificate...
Fedora Core 10 FEDORA-2009-7544 (perl-IO-Socket-SSL)
The remote host is missing an update to perl-IO-Socket-SSL announced via advisory FEDORA-2009-7544. OpenVAS Vulnerability Test $Id: fcore20097544.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-7544 perl-IO-Socket-SSL Authors: Thomas Reinke Copyrigh...
Fedora Core 11 FEDORA-2009-7435 (perl-IO-Socket-SSL)
The remote host is missing an update to perl-IO-Socket-SSL announced via advisory FEDORA-2009-7435. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are...
Fedora Core 10 FEDORA-2009-7544 (perl-IO-Socket-SSL)
The remote host is missing an update to perl-IO-Socket-SSL announced via advisory FEDORA-2009-7544. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are...
Fedora 10 : perl-IO-Socket-SSL-1.26-1.fc10 (2009-7544)
This update to version 1.26 fixes an issue where only the prefix of the hostname was checked if there was no wildcard present, so for example www.example.org would match a certificate starting with www.exam. Note that Tenable Network Security has extracted the preceding description block directly...
Fedora 11 : perl-IO-Socket-SSL-1.26-1.fc11 (2009-7435)
This update to version 1.26 fixes an issue where only the prefix of the hostname was checked if there was no wildcard present, so for example www.example.org would match a certificate starting with www.exam. Note that Tenable Network Security has extracted the preceding description block directly...
[SECURITY] Fedora 10 Update: perl-IO-Socket-SSL-1.26-1.fc10
This module is a true drop-in replacement for IO::Socket::INET that uses SSL to encrypt data before it is transferred to a remote server or client. IO::Socket::SSL supports all the extra features that one needs to write a full-featured SSL client or server application: multiple SSL contexts, ciph...