Apache Axis Incomplete Fix CVE-2014-3596 SSL Certificate Validation Security Bypass Vulnerability

Bugtraq ID: 69295
Class: Design Error
CVE: CVE-2014-3596
Remote: Yes
Local: No
Published: Aug 20 2014 12:00AM
Updated: May 02 2017 01:10AM
Credit: David Jorm, and Arun Neelicattu of Red Hat Product Security.
Vulnerable: Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server EUS 6.5.z
Redhat Enterprise Linux Server AUS 6.5
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux HPC Node 6
Redhat Enterprise Linux Desktop Workstation 5 client
Redhat Enterprise Linux Desktop 6
Redhat Enterprise Linux Desktop 5 client
Redhat Enterprise Linux 5 Server
Oracle PeopleSoft Enterprise PeopleTools 8.55
Oracle PeopleSoft Enterprise PeopleTools 8.54
Oracle Enterprise Linux 6.2
Oracle Enterprise Linux 6
IBM FileNet Content Manager 5.2.1
IBM FileNet Content Manager 5.2.0
IBM FileNet Business Process Management 5.0.0
IBM Content Foundation 5.2.1
IBM Content Foundation 5.2.0
CentOS CentOS 6
Apache Axis 1.4
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus