Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.112140
Kategorie:Windows
Titel:Microsoft Windows Rogue Root Certificate Authorities Detection
Zusammenfassung:One or more dangerous self-signed certificates are present on the host machine.
Beschreibung:Summary:
One or more dangerous self-signed certificates are present on the host machine.

Vulnerability Impact:
Successful exploitation might allow attackers to use Man in the Middle attacks against the target and its users to show them manipulated HTTPS webpages or read their encrypted data.

Solution:
Ensure that the affected certificates are not being trusted anymore.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2015-2077
BugTraq ID: 72693
http://www.securityfocus.com/bid/72693
Cert/CC Advisory: TA15-051A
http://www.us-cert.gov/cas/techalerts/TA15-051A.html
CERT/CC vulnerability note: VU#529496
http://www.kb.cert.org/vuls/id/529496
http://blog.erratasec.com/2015/02/extracting-superfish-certificate.html#.VOq6Yfn8Fp4
http://blog.erratasec.com/2015/02/some-notes-on-superfish.html#.VOq6Yvn8Fp4
http://marcrogers.org/2015/02/19/lenovo-installs-adware-on-customer-laptops-and-compromises-all-ssl/
http://www.theguardian.com/technology/2015/feb/19/lenovo-accused-compromising-user-security-installing-adware-pcs-superfish
http://www.wired.com/2015/02/lenovo-superfish/
https://blog.filippo.io/komodia-superfish-ssl-validation-is-broken/
https://www.facebook.com/notes/protect-the-graph/windows-ssl-interception-gone-wild/1570074729899339
http://www.securitytracker.com/id/1031779
Common Vulnerability Exposure (CVE) ID: CVE-2015-2078
CopyrightThis script is Copyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.