Download
| Alert*
|
oval:org.secpod.oval:def:201994
Dnsmasq is a lightweight and easy to configure DNS forwarder and DHCP server. Core Security Technologies discovered a heap overflow flaw in dnsmasq when the TFTP service is enabled . If the configured tftp-root is sufficiently long, and a remote user sends a request that sends a long file name, dnsm ... oval:org.secpod.oval:def:202774 The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security . A flaw was discovered in the way GnuTLS handles NULL characters in certain fields of X.509 certificates. If an attacker is able to get a carefully-crafted certificate signed by a Cer ... oval:org.secpod.oval:def:202072 Dnsmasq is a lightweight and easy to configure DNS forwarder and DHCP server. Core Security Technologies discovered a heap overflow flaw in dnsmasq when the TFTP service is enabled . If the configured tftp-root is sufficiently long, and a remote user sends a request that sends a long file name, dnsm ... oval:org.secpod.oval:def:202736 The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security . A flaw was discovered in the way GnuTLS handles NULL characters in certain fields of X.509 certificates. If an attacker is able to get a carefully-crafted certificate signed by a Cer ... oval:org.secpod.oval:def:300495 Multiple vulnerabilities has been found and corrected in gnutls: gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote attackers to successfully present a certificate that is not yet valid or no longer valid, related to lac ... oval:org.secpod.oval:def:101614 GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library implements the proposed standards by the IETF"s TLS working group. oval:org.secpod.oval:def:500637 The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security . A flaw was discovered in the way GnuTLS handles NULL characters in certain fields of X.509 certificates. If an attacker is able to get a carefully-crafted certificate signed by a Cer ... oval:org.secpod.oval:def:300917 A vulnerability have been discovered and corrected in GnuTLS before 2.8.2, which could allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority . This update fixes this vulnerability. oval:org.secpod.oval:def:101826 GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library implements the proposed standards by the IETF"s TLS working group. oval:org.secpod.oval:def:700429 Moxie Marlinspike and Dan Kaminsky independently discovered that GnuTLS did not properly handle certificates with NULL characters in the certificate name. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Dan Kamins ... oval:org.mitre.oval:def:8289 Dan Kaminsky and Moxie Marlinspike discovered that gnutls, an implementation of the TLS/SSL protocol, does not properly handle a "\0" character in a domain name in the subject's Common Name or Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to s ... |
