Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2014-3522
Description:The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.
Test IDs: 1.3.6.1.4.1.25623.1.0.868142   1.3.6.1.4.1.25623.1.0.120082   1.3.6.1.4.1.25623.1.0.806858  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2014-3522
http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html
BugTraq ID: 69237
http://www.securityfocus.com/bid/69237
https://security.gentoo.org/glsa/201610-05
http://www.osvdb.org/109996
http://secunia.com/advisories/59432
http://secunia.com/advisories/59584
http://secunia.com/advisories/60100
http://secunia.com/advisories/60722
SuSE Security Announcement: openSUSE-SU-2014:1059 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html
http://www.ubuntu.com/usn/USN-2316-1
XForce ISS Database: apache-subversion-cve20143522-spoofing(95311)
https://exchange.xforce.ibmcloud.com/vulnerabilities/95311
XForce ISS Database: apache-subversion-cve20143528-info-disc(95090)
https://exchange.xforce.ibmcloud.com/vulnerabilities/95090




© 1998-2024 E-Soft Inc. All rights reserved.