Cisco NX-OS Software SSH X.509v3 Certificate Authentication with Unsupported Remote Authorization Method Privilege Escalation Issues

For certain products that are running Cisco NX-OS Software and are configured for SSH authentication with an X.509 version 3 X.509v3 certificate, two remote authorization methods are unsupported and could allow for privilege escalation: TACACS+ and certain configurations of Lightweight Directory...

Updated stunnel packages fix security vulnerability

Update to 5.62 including new features and bugfixes: Security bugfixes - The "redirect" option was fixed to properly handle unauthenticated requests bsc1182529. - Fixed a double free with OpenSSL older than 1.1.0. - Added hardening to systemd service bsc1181400. New features - Added new...

CVE-2019-3710

Dell EMC Networking OS10 versions prior to 10.4.3 contain a cryptographic key vulnerability due to an underlying application using undocumented, pre-installed X.509v3 key/certificate pairs. An unauthenticated remote attacker with the knowledge of the default keys may potentially be able to...

CVE-2019-3710

CVE-2019-3710 affects Dell EMC Networking OS10 before 10.4.3, where an application uses undocumented pre-installed X.509v3 key/certificate pairs. This cryptographic key vulnerability can allow an unauthenticated remote attacker with knowledge of the default keys to intercept communications or gai...

Debian DSA-3565-1 : botan1.10 - security update

Several security vulnerabilities were found in botan1.10, a C++ library which provides support for many common cryptographic operations, including encryption, authentication, X.509v3 certificates and CRLs. - CVE-2015-5726 The BER decoder would crash due to reading from offset 0 of an empty vector...

[SECURITY] [DSA 3565-1] botan1.10 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3565-1 [email protected] https://www.debian.org/security/ Sebastien Delafond May 02, 2016 https://www.debian.org/security/faq -...

DSA-3565-1 botan1.10 - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3565-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DLA-449-1 botan1.10 - security update

Bulletin has no description...

Mozilla Network Security Services 'p12creat.c'内存破坏漏洞

Bugtraq ID:66366 CVE ID:CVE-2014-1492 NSS实现SSL v2/v3, TLS, PKCS5, PKCS7, PKCS11, PKCS12, S/MIME, X.509v3证书和其他安全标准。 Network Security Services "secpkcs12newasafe"函数security/nss/lib/pkcs12/p12creat.c存在错误，允许攻击者利用漏洞破坏内存，使应用程序崩溃或执行任意代码。 0 Network Security Services NSS 3.x Network Security Services...