11 matches found
EUVD-2010-3170
Malware in sbrugna...
EUVD-2014-0198
Malware in sbrugna...
EUVD-2010-5040
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2014-0139
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cURL and libcurl 7.1 before 7.36.0, when using the OpenSSL, axtls, qsossl or gskit libraries for TLS, recognize a wildcard IP address in the subject's Common Na...
SUSE CVE-2010-5076
QSslSocket in Qt before 4.7.0-rc1 recognizes a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority...
Man-in-the-Middle (MitM)
qt is vulnerable to man-in-the-middle MitM attacks. The vulnerability exists as QSslSocket in Qt before 4.7.0-rc1 recognizes a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted...
CVE-2014-0139
cURL and libcurl 7.1 before 7.36.0, when using the OpenSSL, axtls, qsossl or gskit libraries for TLS, recognize a wildcard IP address in the subject's Common Name CN field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certifica...
Qt: QSslSocket incorrect handling of IP wildcards in certificate Common Name
QSslSocket in Qt before 4.7.0-rc1 recognizes a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority...
BSA-009 Security Update for nss
Alexander Reichle-Schmehl uploaded new packages for nss which fixed the following security problems: CVE-2010-3170 NSS recognizes a wildcard IP address in the subjects Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a...
CVE-2010-3170
Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL serve...
firefox/nss: doesn't handle IP-based wildcards in X509 certificates safely
Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL serve...