As well, another hole exists in the CA checking code that could create an endless loop in certain instances." For more, go to:Ī flaw in the mod_ssl module for OpenPKG's Apache implementation has been patched. This vulnerability allows an attacker to make up their own Certificate Authority that can allow them to impersonate the identity of a valid DN. For more, go to:Īccording to an alert from Mandrake Linux, "Thomas Walpuski discovered a vulnerability in the X.509 handling of super-freeswan, openswan, strongSwan, and FreeS/WAN with the X.509 patch applied. Another could be exploited in a man-in-the-middle attack that's used to create an unauthorized connection. One could allow a remote attacker to launch a denial-of-service attack against the affected machine. Two vulnerabilities have been found in racoon, an ipsec implementation. The update fixes a number of bugs and security issues found in previous releases. For more, go to:Ĭonectiva, Gentoo update respective kernelsĪ new version of the Conectiva and Gentoo Linux kernels are available. A flaw in Webmin, a Web-based administration tool for Unix/Linux, could be exploited by an attacker to bypass authentication and gain read access rights to the module's configuration information.
0 Comments
Leave a Reply. |