10 matches found
CAs Reissue Over One Million Weak Certificates
Turns out that the software a bunch of CAs used to generate public-key certificates was flawed: they created random serial numbers with only 63 bits instead of the required 64. That may not seem like a big deal to the layman, but that one bit change means that the serial numbers only have half th...
Qualys Cloud Platform 2.33 New Features
This release of the Qualys Cloud Platform version 2.33 includes the release for CertView, plus updates and new features for AssetView, Cloud Agent, EC2 Connector, Security Assessment Questionnaire, Web Application Scanning, and Web Application Firewall, highlights as follows. This posting has bee...
Information Disclosure Vulnerabilities in Multiple Cisco Products
Cisco RV320 Dual Gigabit WAN VPN is a router product from Cisco, USA. The encryption mechanisms in several Cisco products fail to generate unique keys and certificates, allowing a remote attacker to gain access to a user's confidential information by performing a brute force attack...
Oberthur smart cards generate weak certificates
Overview A flaw has been identified in Oberthur ID-One COSMO 64, v5.2 and v5.2a smart cards, which results in public keys that do not satisfy the requirements of the Digital Signature Standard as specified in FIPS PUB 186-3 and its predecessors. Description Oberthur ID-One COSMO 64, v5.2 and v5.2...
Debian Security Advisory DSA 2343-1 (openssl)
The remote host is missing an update to openssl announced via advisory DSA 2343-1. OpenVAS Vulnerability Test $Id: deb23431.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2343-1 openssl Authors: Thomas Reinke Copyright: Copyright (c) 2012 E-Soft Inc...
Debian: Security Advisory (DSA-2343-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
"Digicert Sdn. Bhd." weak certificates
Few weak certificates were issued by intermediate CA...
[SECURITY] [DSA 2343-1] openssl security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2343-1 [email protected] http://www.debian.org/security/ Raphael Geissert November 09, 2011 http://www.debian.org/security/faq -...
Debian DSA-2343-1 : openssl - CA trust revocation
Several weak certificates were issued by Malaysian intermediate CA 'Digicert Sdn. Bhd.' This event, along with other issues, has led to Entrust Inc. and Verizon Cybertrust to revoke the CA's cross-signed certificates. This update to OpenSSL, a Secure Sockets Layer toolkit, reflects this decision ...
[SECURITY] [DSA 2343-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2343-1 [email protected] http://www.debian.org/security/ Raphael Geissert November 09, 2011 http://www.debian.org/security/faq -...