RSA BSAFE Crypto-J Lets Remote Users Bypass Fingerprint Based Certificate Restrictions on the Target System : 8/18/2015 3:28:06 AM
Start a FREE Trial with New Relic and we'll send you this geek-chic shirt 4 FREE From our sponsors |
| Vulnerability Databse |
| This module replaces the description field of a feed to the page it links to (in addition, it wipes out the content:encoded field), so you can get its full text. |
RSA BSAFE Crypto-J Lets Remote Users Bypass Fingerprint Based Certificate Restrictions on the Target System
8/18/2015 12:00:00 AM
| RSA BSAFE Crypto-J Lets Remote Users Bypass Fingerprint Based Certificate Restrictions on the Target System |
| SecurityTracker Alert ID: 1033298 |
| SecurityTracker URL: http://securitytracker.com/id/1033298 |
| CVE Reference: CVE-2015-0534 (Links to External Site) |
| Date: Aug 18 2015 |
| Impact: Modification of authentication information |
| Fix Available: Yes Vendor Confirmed: Yes |
| Version(s): prior to 6.2 |
| Description: A vulnerability was reported in RSA BSAFE Crypto-J. A remote user can bypass security controls on the target system. A remote user can modify certificate fingerprints and include specially crafted data within the unsigned portion of a certificate to bypass fingerprint-based certificate blacklist security controls on the target system. |
| Impact: A remote user can bypass fingerprint-based certificate blacklist security controls on the target system. |
| Solution: The vendor has issued a fix (Advisory ESA-2015-081; version 6.2). |
| Vendor URL: www.rsa.com/ (Links to External Site) |
| Cause: Input validation error |
| Underlying OS: |
| |
| Message History: None. |
You are receiving this email because you subscribed to this feed at feedmyinbox.com
If you no longer wish to receive these emails, you can unsubscribe from this feed, or manage all your subscriptions
Diberdayakan oleh Blogger.