[SECURITY] Fedora 42 Update: osslsigncode-2.12-1.fc42

osslsigncode is a small tool that implements part of the functionality of the Microsoft tool signtool.exe - more exactly the Authenticode signing and timestamping. But osslsigncode is based on OpenSSL and cURL, and thus should be able to compile on most platforms where these exist...

Citrix Access Gateway Plug-in for Windows ActiveX Control StartEPA() Method HTTP Response Header Parsing Overflows (CTX134303)

The Citrix Access Gateway ActiveX control for Citrix Access Gateway Enterprise Edition is installed on the remote Windows host. It is the ActiveX component of the Citrix Access Gateway Plug-in for Windows and provides an SSL-based VPN via a web browser. The installed version of this control...

Citrix Access Gateway Plug-in for Windows ActiveX Control Multiple Vulnerabilities (CTX129902)

The Citrix Access Gateway ActiveX control for Citrix Access Gateway Enterprise Edition is installed on the remote Windows host. It is the ActiveX component of the Citrix Access Gateway Plug-in for Windows and provides an SSL-based VPN via a web browser. The installed version of this control is...

Mandriva Update for sendmail MDVSA-2010:003 (sendmail)

Check for the Version of sendmail OpenVAS Vulnerability Test Mandriva Update for sendmail MDVSA-2010:003 sendmail Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

[ MDVSA-2010:003 ] sendmail

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:003 http://www.mandriva.com/security/ Package : sendmail Date : January 11, 2010 Affected: 2008.0, 2009.0, 2009.1, 2010.0, Corporate 4.0, Enterprise Server 5.0, Multi Network Firewall 2.0 Problem Description...

Mandriva Linux Security Advisory : sendmail (MDVSA-2010:003)

A security vulnerability has been identified and fixed in sendmail : sendmail before 8.14.4 does not properly handle a '\0' NUL character in a Common Name CN field of an X.509 certificate, which 1 allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server...

CVE-2009-4565

sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name CN field of an X.509 certificate, which 1 allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and 2 allows...

CVE-2009-4565

sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name CN field of an X.509 certificate, which 1 allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and 2 allows...

MySQL < 5.0.88, 5.1.x < 5.1.41 DoS and Spoofing Vulnerabilities

MySQL is prone to denial of service DoS and spoofing vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mysql:mysql...

Design/Logic Flaw

The vioverifycallback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificat...

CVE-2009-4028

The vioverifycallback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificat...