Lucene search
K

6 matches found

F5 Networks
F5 Networks
added 2023/02/21 7:28 p.m.32 views

K15160: GnuTLS vulnerability CVE-2014-0092

Security Advisory Description lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. CVE-2014-0092 Impact...

5.8CVSS6.6AI score0.29958EPSS
Exploits1Affected Software1
NVD
NVD
added 2019/12/05 12:15 a.m.40 views

CVE-2019-19521

libc in OpenBSD 6.6 allows authentication bypass via the -schallenge username, as demonstrated by smtpd, ldapd, or radiusd. This is related to gen/authsubr.c and gen/authenticate.c in libc and login/login.c and xenocara/app/xenodm/greeter/verify.c...

9.8CVSS9.6AI score0.02736EPSS
Exploits2References7
Prion
Prion
added 2019/12/05 12:15 a.m.44 views

Authentication flaw

libc in OpenBSD 6.6 allows authentication bypass via the -schallenge username, as demonstrated by smtpd, ldapd, or radiusd. This is related to gen/authsubr.c and gen/authenticate.c in libc and login/login.c and xenocara/app/xenodm/greeter/verify.c...

7.5CVSS9.4AI score0.02736EPSS
Exploits2References7Affected Software1
Check Point Advisories
Check Point Advisories
added 2014/06/08 12:0 a.m.14 views

GnuTLS X.509 Version 1 Intermediate Certificate Policy Bypass (CVE-2014-1959)

A policy-bypass vulnerability has been found in GnuTLS. The vulnerability is due to an error in lib/x509/verify.c where an X.509 version 1 certificate is incorrectly treated as an intermediate CA certificate. A remote attacker could exploit this vulnerability to bypass certificate validation...

4.7AI score0.03416EPSS
Exploits1
Debian CVE
Debian CVE
added 2014/03/06 6:0 p.m.41 views

CVE-2014-1959

lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates...

5.8CVSS6.5AI score0.03416EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2006/09/27 12:0 a.m.29 views

GLSA-200609-15 : GnuTLS: RSA Signature Forgery

The remote host is affected by the vulnerability described in GLSA-200609-15 GnuTLS: RSA Signature Forgery verify.c fails to properly handle excess data in digestAlgorithm.parameters field while generating a hash when using an RSA key with exponent 3. RSA keys that use exponent 3 are commonplace...

5CVSS6.3AI score0.02427EPSS
Exploits0References2
Rows per page
Query Builder