Computer Security
[EN] no-pyccku

telepathy-idle insufficient certificate check
SecurityVulns ID:13076
Threat Level:
Description:Server certificate is not checked
Affected:TELEPATHYIDLE : telepathy-idle
CVE:CVE-2007-6746 (telepathy-idle before 0.1.15 does not verify (1) that the issuer is a trusted CA, (2) that the server hostname matches a domain name in the subject's Common Name (CN), or (3) the expiration date of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.)
Original documentdocumentUBUNTU, [USN-1821-1] telepathy-idle vulnerability (10.05.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod