oval:org.mitre.oval:def:7682

Definition Id: oval:org.mitre.oval:def:7682

Oval ID:	oval:org.mitre.oval:def:7682
Title:	DSA-1916 kdelibs -- insufficient input validation
Description:	Dan Kaminsky and Moxie Marlinspike discovered that kdelibs, core libraries from the official KDE release, does not properly handle a "\0" character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
Family:	unix	Class:	patch
Reference(s):	DSA-1916 CVE-2009-2702	Version:	5
Platform(s):	Debian GNU/Linux 4.0	Product(s):	kdelibs
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. Architecture section Architecture independent section Installed architecture is all AND Packages section kdelibs4-doc is earlier than 4:3.5.5a.dfsg.1-8etch3 AND kdelibs is earlier than 4:3.5.5a.dfsg.1-8etch3 AND kdelibs-data is earlier than 4:3.5.5a.dfsg.1-8etch3 AND kdelibs4-dev is earlier than 4:3.5.5a.dfsg.1-8etch3 AND kdelibs4c2a is earlier than 4:3.5.5a.dfsg.1-8etch3 AND kdelibs-dbg is earlier than 4:3.5.5a.dfsg.1-8etch3

Definition Id: oval:org.mitre.oval:def:6461

Oval ID:	oval:org.mitre.oval:def:6461
Title:	Debian GNU/Linux 4.0 is installed.
Description:	Debian GNU/Linux 4.0 (etch) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:4.0	Version:	9
Platform(s):	Debian GNU/Linux 4.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 4.0 is installed
Referenced By:
oval:org.mitre.oval:def:7682