Computer Security
[EN] securityvulns.ru no-pyccku


libgdata certificate spoofing
Published:02.09.2012
Source:
SecurityVulns ID:12556
Type:m-i-t-m
Threat Level:
5/10
Description:Certificate is not validated allowing man-in-the-middle attack.
Affected:LIBGDATA : libgdata 0.10
 LIBGDATA : libgdata 0.11
CVE:CVE-2012-1177 (libgdata before 0.10.2 and 0.11.x before 0.11.1 does not validate SSL certificates, which allows remote attackers to obtain user names and passwords via a man-in-the-middle (MITM) attack with a spoofed certificate.)
Original documentdocumentUBUNTU, [USN-1547-1] libGData, evolution-data-server vulnerability (02.09.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod