exploit the possibilities
Showing 1 - 1 of 1 RSS Feed

Files

Mandriva Linux Security Advisory 2010-195
Posted Oct 4, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-195 - libESMTP, probably 1.0.4 and earlier, does not properly handle a backslashed 0 field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. The match_component function in smtp-tls.c in libESMTP 1.0.3.r1, and possibly other versions including 1.0.4, treats two strings as equal if one is a substring of the other, which allows remote attackers to spoof trusted certificates via a crafted subjectAltName.

tags | advisory, remote, arbitrary, spoof
systems | linux, mandriva
advisories | CVE-2010-1192, CVE-2010-1194
MD5 | 2e62897f12ac68c2eb13e73340279a62
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
1 In 5 IT Security Professionals Fear Their Toilets Will Be Hacked
Posted Oct 15, 2019

tags | headline, hacker, privacy
Security Researcher Arrested After Tweeting About Gov't Hack
Posted Oct 15, 2019

tags | headline, hacker, government, data loss, argentina
Malware That Spits Cash Out Of ATMs Has Spread Across The World
Posted Oct 15, 2019

tags | headline, malware, bank, cybercrime, fraud
Without Encryption We Will Lose All Privacy. This Is Our New Battleground.
Posted Oct 15, 2019

tags | headline, government, privacy, usa, spyware, nsa, cryptography
These Are The 29 Countries Vulnerable To SIM Jacker Attacks
Posted Oct 14, 2019

tags | headline, hacker, phone, cybercrime, fraud, password, identity theft
China's Study The Great Nation App Enables Spying Via Back Door
Posted Oct 14, 2019

tags | headline, government, privacy, phone, china, spyware
Vulnerability Found And Fixed In HP Bloatware
Posted Oct 14, 2019

tags | headline, flaw, patch
Hammond Held In Contempt For Refusing To Answer Questions
Posted Oct 14, 2019

tags | headline, hacker, government, usa, data loss, anonymous, military
Feds Arrest International ATM Skimmer Ring
Posted Oct 11, 2019

tags | headline, government, bank, cybercrime, fraud
Planes, Gate, And Bags: How Hackers Can Hijack Your Local Airport
Posted Oct 11, 2019

tags | headline, hacker, terror
View More News →
packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close