EUVD-2015-2072

Malware in sbrugna...

Jenkins Active Directory Plugin vulnerable to Active Directory credential disclosure

Jenkins Active Directory Plugin allows testing a new, unsaved configuration by performing a connection test the button labeled "Test Domain". Active Directory Plugin 2.30 and earlier ignores the "Require TLS" and "StartTls" options and always performs the connection test to Active directory...

PT-2022-27770 · Traefik +1 · Traefik +1

Name of the Vulnerable Software and Affected Versions: Traefik versions prior to 2.9.6 Description: There is a potential issue in Traefik's management of TLS connections. A router configured with a not well-formatted TLSOption is exposed with an empty TLSOption. For instance, a route secured usin...

[THC-Hydra v7.5] Fast network logon cracker

CHANGELOG for 7.5 =================== Moved the license from GPLv3 to AGPLv3 see LICENSE file Added module for Asterisk Call Manager Added support for Android where some functions are not available hydra main: - reduced the screen output if run without -h, full screen with -h - fix for ipv6 and...

DSA-1925-1 proftpd-dfsg - SSL certificate verification weakness

Bulletin has no description...

CVE-2009-3639

The modtls module in ProFTPD before 1.3.2b, and 1.3.3 before 1.3.3rc2, when the dNSNameRequired TLS option is enabled, does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 client certificate, which allows remote attackers to bypass intended...

CVE-2009-3639

The modtls module in ProFTPD before 1.3.2b, and 1.3.3 before 1.3.3rc2, when the dNSNameRequired TLS option is enabled, does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 client certificate, which allows remote attackers to bypass intended...