oval:org.mitre.oval:def:7282

Definition Id: oval:org.mitre.oval:def:7282

Oval ID:	oval:org.mitre.oval:def:7282
Title:	DSA-1869 curl -- insufficient input validation
Description:	It was discovered that curl, a client and library to get files from servers using HTTP, HTTPS or FTP, is vulnerable to the "Null Prefix Attacks Against SSL/TLS Certificates" recently published at the Blackhat conference. This allows an attacker to perform undetected man-in-the-middle attacks via a crafted ITU-T X.509 certificate with an injected null byte in the Common Name field.
Family:	unix	Class:	patch
Reference(s):	DSA-1869 CVE-2009-2417	Version:	3
Platform(s):	Debian GNU/Linux 5.0 Debian GNU/Linux 4.0	Product(s):	curl
Definition Synopsis:
Release section Debian GNU/Linux 5.0 is installed AND Supported architectures section Installed architecture is amd64 AND Installed architecture is arm AND Installed architecture is i386 AND Installed architecture is armel AND Installed architecture is mips AND Installed architecture is ia64 AND Installed architecture is alpha AND Installed architecture is powerpc AND Installed architecture is hppa AND Packages section libcurl4-gnutls-dev is earlier than 7.18.2-8lenny3 AND libcurl4-openssl-dev is earlier than 7.18.2-8lenny3 AND libcurl3-gnutls is earlier than 7.18.2-8lenny3 AND libcurl3-dbg is earlier than 7.18.2-8lenny3 AND libcurl3 is earlier than 7.18.2-8lenny3 AND curl is earlier than 7.18.2-8lenny3 OR Release section Debian GNU/Linux 4.0 is installed. AND Architecture section Architecture independent section Installed architecture is all AND libcurl3-dev is earlier than 7.15.5-1etch3 OR Architecture dependent section Supported architectures section Installed architecture is s390 AND Installed architecture is amd64 AND Installed architecture is arm AND Installed architecture is i386 AND Installed architecture is mips AND Installed architecture is ia64 AND Installed architecture is alpha AND Installed architecture is powerpc AND Installed architecture is hppa AND Packages section libcurl3-gnutls is earlier than 7.15.5-1etch3 AND libcurl3-dbg is earlier than 7.15.5-1etch3 AND libcurl3-gnutls-dev is earlier than 7.15.5-1etch3 AND libcurl3 is earlier than 7.15.5-1etch3 AND curl is earlier than 7.15.5-1etch3 AND libcurl3-openssl-dev is earlier than 7.15.5-1etch3

Definition Id: oval:org.mitre.oval:def:6513

Oval ID:	oval:org.mitre.oval:def:6513
Title:	Debian GNU/Linux 5.0 is installed
Description:	Debian GNU/Linux 5.0 (lenny) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:5.0	Version:	7
Platform(s):	Debian GNU/Linux 5.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 5.0 is installed
Referenced By:
oval:org.mitre.oval:def:7282

Definition Id: oval:org.mitre.oval:def:6461

Oval ID:	oval:org.mitre.oval:def:6461
Title:	Debian GNU/Linux 4.0 is installed.
Description:	Debian GNU/Linux 4.0 (etch) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:4.0	Version:	9
Platform(s):	Debian GNU/Linux 4.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 4.0 is installed
Referenced By:
oval:org.mitre.oval:def:7282

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0384s

Facebook rss twitter linkedin mail