Lucene search

Basic search
Lucene search
Search by product

Vendors

Products

BUGTRAQSECURITYVULNS:VULN:14026

HistoryOct 15, 2014 - 12:00 a.m.

serf / Apache httpcomponents HttpClient / Jakarta Commons HttpClient SSL validation bypass

2014-10-1500:00:00

BUGTRAQ

vulners.com

JSON

Invalid parsing of certificates with NUL character in CN.

CPENameOperatorVersion
serfeq1.3

CPE	Name	Operator	Version
	serf	eq	1.3

References

vulners.com/securityvulns/securityvulns:doc:31228

nessus 29

securityvulns 5

amazon 2

openvas 21

redhat 25

fedora 5

ubuntucve 4

mageia 3

freebsd 2

debiancve 2

veracode 2

prion 5

ubuntu 2

cve 5

ibm 44

osv 8

github 4

redhatcve 2

f5 4

debian 1

rosalinux 1

gentoo 1

nessus

Mandriva Linux Security Advisory : serf (MDVSA-2014:166)

2014-09-12 00:00:00

Fedora 20 : libserf-1.3.7-1.fc20 (2014-9367)

2014-08-23 00:00:00

FreeBSD : serf -- SSL Certificate Null Byte Poisoning (69048656-2187-11e4-802c-20cf30e32f6d)

2014-08-12 00:00:00

securityvulns

[USN-2315-1] serf vulnerability

2014-08-26 00:00:00

serf certificate name spoofing vulnerability

2014-08-26 00:00:00

[ MDVSA-2014:170 ] jakarta-commons-httpclient

2014-10-15 00:00:00

amazon

Medium: libserf

2014-09-03 14:37:00

Important: jakarta-commons-httpclient

2014-09-17 21:47:00

openvas

Ubuntu: Security Advisory (USN-2315-1)

2014-08-15 00:00:00

Fedora Update for libserf FEDORA-2014-9367

2014-08-23 00:00:00

Amazon Linux: Security Advisory (ALAS-2014-397)

2015-09-08 00:00:00

redhat

(RHSA-2014:1098) Important: devtoolset-2-httpcomponents-client security update

2014-08-26 00:00:00

(RHSA-2014:1891) Important: Red Hat JBoss BRMS 6.0.3 security update

2014-11-24 20:43:48

(RHSA-2014:1833) Important: Red Hat JBoss Enterprise Web Platform 5.2.0 security update

2014-11-10 00:00:00

fedora

[SECURITY] Fedora 20 Update: libserf-1.3.7-1.fc20

2014-08-23 01:59:00

[SECURITY] Fedora 20 Update: httpcomponents-client-4.2.5-4.fc20

2014-08-30 03:58:27

[SECURITY] Fedora 19 Update: httpcomponents-client-4.2.5-4.fc19

2014-08-30 03:57:30

ubuntucve

CVE-2014-3504

2014-08-12 00:00:00

CVE-2012-6153

2014-09-04 00:00:00

CVE-2017-1000396

2018-01-26 00:00:00

mageia

Updated serf packages fix CVE-2014-3504

2014-08-27 03:04:56

Updated jakarta-commons-httpclient and httpcomponents-client packages fix security vulnerability

2014-08-25 12:44:11

Updated Updated jakarta-commons-httpclient and httpcomponents-client packages fix security vulnerabilities

2014-08-25 12:44:11

freebsd

serf -- SSL Certificate Null Byte Poisoning

2014-08-06 00:00:00

Axis2 -- Security vulnerabilities on dependency Apache HttpClient

2012-12-06 00:00:00

debiancve

CVE-2014-3504

2014-08-19 18:55:00

CVE-2012-6153

2014-09-04 17:55:00

veracode

Man-In-The-Middle

2020-12-06 03:32:45

Man In The Middle (MitM) Attacks Are Possible With Spoofed SSL Servers

2019-01-15 08:59:46

prion

Design/Logic Flaw

2014-08-19 18:55:00

Design/Logic Flaw

2018-01-26 02:29:00

Design/Logic Flaw

2018-01-26 02:29:00

ubuntu

serf vulnerability

2014-08-14 00:00:00

Apache Commons HttpClient vulnerabilities

2015-10-14 00:00:00

cve

CVE-2014-3504

2014-08-19 18:55:00

CVE-2017-1000397

2018-01-26 02:29:00

CVE-2017-1000396

2018-01-26 02:29:00

ibm

Security Bulletin: Apache HttpComponents vulnerable to spoofing attacks are affecting Case Manager Client (CVE-2012-6153, CVE-2014-3577)

2018-06-17 12:12:04

Security Bulletin: Public disclosed vulnerabilities from Apache HttpComponents affects IBM Spectrum LSF

2019-03-01 14:10:02

Security Bulletin: Apache HTTPComponents vulnerabilities in WebSphere Application Server (CVE-2012-6153, CVE-2014-3577)

2018-06-15 07:03:46

osv

Improper certificate validation in org.apache.httpcomponents:httpclient

2018-10-17 00:05:15

MitM on Jenkins Maven Plugin

2022-05-14 03:45:43

CVE-2017-1000397

2018-01-26 02:29:00

github

Improper Certificate Validation in Jenkins

2022-05-14 01:04:35

MitM on Jenkins Maven Plugin

2022-05-14 03:45:43

Jenkins Swarm Plugin Client vulnerable to man-in-the-middle attacks

2022-05-14 03:45:42

redhatcve

CVE-2017-1000402

2017-11-21 11:23:42

CVE-2017-1000396

2017-11-21 11:21:17

K15741 : Apache Commons HttpClient vulnerability CVE-2012-6153

2014-10-27 00:00:00

K15364328 : Apache vulnerabilities CVE-2012-5783 and CVE-2012-6153

2016-02-02 00:00:00

SOL15741 - Apache Commons HttpClient vulnerability CVE-2012-6153

2014-10-27 00:00:00

debian

[SECURITY] [DLA 222-1] commons-httpclient security update

2015-05-19 15:18:39

rosalinux

Advisory ROSA-SA-2021-1979

2021-07-02 18:11:52

gentoo

Subversion, Serf: Multiple Vulnerabilities

2016-10-11 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

JSON

Related for SECURITYVULNS:VULN:14026