Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Ubuntu: 967-1: w3m vulnerability
Special Forums Cybersecurity Security Advisories (RSS) Ubuntu: 967-1: w3m vulnerability Post 302443680 by Linux Bot on Monday 9th of August 2010 09:00:02 PM
Old 08-09-2010
Ubuntu: 967-1: w3m vulnerability
LinuxSecurity.com: Ludwig Nussel discovered w3m does not properly handle SSL/TLScertificates with NULL characters in the certificate name. Anattacker could exploit this to perform a man in the middleattack to view sensitive information or alter encryptedcommunications. (CVE-2010-2074) [More...]

More...
This User Gave Thanks to Linux Bot For This Post:
hakermania
 

LEARN ABOUT SUSE

update-ca-certificates

UPDATE-CA-CERTIFICATES(8)				      System Manager's Manual					 UPDATE-CA-CERTIFICATES(8)

NAME

       update-ca-certificates - update system CA certificates

SYNOPSIS

       update-ca-certificates [options]

DESCRIPTION

       update-ca-certificates  updates	the directory /etc/ssl/certs to hold SSL certificates and generates /etc/ssl/ca-bundle.pem, a concatenated
       single-file list of certificates.

       It reads the file /etc/ca-certificates.conf. Each line gives a pathname of a CA certificate under /usr/share/ca-certificates that should be
       trusted.  Lines that begin with "#" are comment lines and thus ignored.	Lines that begin with "!" are deselected, causing the deactivation
       of the CA certificate in question. All certificates are implicitly trusted if no trusted certificates are listed.

       Furthermore all certificates found below /usr/local/share/ca-certificates are also included as implicitly trusted.

       After populating /etc/ssl/certs update-ca-certificates invokes custom hooks in /usr/lib/ca-certificates/update.d/*.run and /etc/ca-certifi-
       cates/update.d/*.run. The command line options used for invoking update-ca-certificates are passed to the hooks as well.

OPTIONS

       A summary of options is included below.

       -h, --help
	      Show summary of options.

       -v, --verbose
	      Be verbose. Output c_rehash.

       -f, --fresh
	      Fresh updates.  Removes symlinks in /etc/ssl/certs directory and re-creates them from scratch.

FILES

       /etc/ca-certificates.conf
	      A configuration file.

       /etc/ssl/ca-bundle.pem
	      A  single-file version of all CA certificates. Use of this file is deprecated and should only be used as last resort by applications
	      that cannot parse the /etc/ssl/certs directory.

       /usr/share/ca-certificates
	      Directory of CA certificates.  /usr/local/share/ca-certificates Directory of local CA certificates.

SEE ALSO

       c_rehash(1),

AUTHOR

       This manual page was written by Fumitoshi UKAI <ukai@debian.or.jp>, for the Debian project  and	modified  by  Ludwig  Nussel  <ludwig.nus-
       sel@suse.de>.

								   27 April 2010					 UPDATE-CA-CERTIFICATES(8)
All times are GMT -4. The time now is 11:04 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy