CVE-2014-0350

The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wildcard domain name in an X.509 certificate...

Ubuntu Update for nss USN-2159-1

Check for the Version of nss OpenVAS Vulnerability Test $Id: gbubuntuUSN21591.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for nss USN-2159-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you ca...

Updated nss packages fix security vulnerability

Updated nss packages fix security vulnerability: The sslDo1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services NSS before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509...

Fedora 17 : ruby-1.9.3.448-31.fc17 (2013-12062)

A vulnerability was found in Ruby's SSL client that could allow man-in-the-middle attackers to spoof SSL servers via valid certificate issued by a trusted certification authority. This vulnerability has been assigned the CVE identifier CVE-2013-4073. This new update should solve this issue. Note...