This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Serf Project First view 2014-08-19
Product Serf Last view 2014-08-19
Version 1.3.4 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:serf_project:serf

Activity : Overall

Related : CVE

  Date Alert Description
4 2014-08-19 CVE-2014-3504

The (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_ssl_cert_certificate functions in Serf 0.2.0 through 1.3.x before 1.3.7 does not properly handle a NUL byte in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.

Nessus® Vulnerability Scanner

id Description
2016-10-12 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201610-05.nasl - Type: ACT_GATHER_INFO
2015-03-30 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2015-127.nasl - Type: ACT_GATHER_INFO
2014-10-12 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2014-397.nasl - Type: ACT_GATHER_INFO
2014-09-12 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2014-166.nasl - Type: ACT_GATHER_INFO
2014-08-25 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2014-511.nasl - Type: ACT_GATHER_INFO
2014-08-23 Name: The remote Fedora host is missing a security update.
File: fedora_2014-9367.nasl - Type: ACT_GATHER_INFO
2014-08-15 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2315-1.nasl - Type: ACT_GATHER_INFO
2014-08-12 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_69048656218711e4802c20cf30e32f6d.nasl - Type: ACT_GATHER_INFO