Mandriva Linux Security Advisory 2009:271: libnasl

Article Source Mandriva Linux Security Advisories

A vulnerability has been found and corrected in libnasl:

nasl/nasl_crypto2.c in the Nessus Attack Scripting Language library
(aka libnasl) 2.2.11 does not properly check the return value from
the OpenSSL DSA_do_verify function, which allows remote attackers to
bypass validation of the certificate chain via a malformed SSL/TLS
signature, a similar vulnerability to CVE-2008-5077 (CVE-2009-0125).

This update fixes this vulnerability…

RELATED ARTICLESMORE FROM AUTHOR

Maintainer Confidential: Challenges and Opportunities One Year On

Bridging Design and Runtime Gaps: AsyncAPI in Event-Driven Architecture

Implementing OpenTelemetry Natively in an Event Broker

Innovation as a Catalyst in Telecommunications

Achieving Log Centralization and Analysis with Open Source SIEM and XDR: UTMStack

RELATED ARTICLES MORE FROM AUTHOR