Описание
Restkit allows man-in-the-middle attackers to spoof TLS servers by leveraging use of the ssl.wrap_socket function in Python with the default CERT_NONE value for the cert_reqs argument.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| python-restkit | removed | package | ||
| python-restkit | ignored | stretch | package | |
| python-restkit | ignored | jessie | package | |
| python-restkit | ignored | wheezy | package | |
| python-restkit | no-dsa | squeeze | package |
Примечания
https://github.com/benoitc/restkit/issues/140
https://www.openwall.com/lists/oss-security/2015/03/12/9
Связанные уязвимости
CVSS3: 5.9
ubuntu
больше 8 лет назад
Restkit allows man-in-the-middle attackers to spoof TLS servers by leveraging use of the ssl.wrap_socket function in Python with the default CERT_NONE value for the cert_reqs argument.
CVSS3: 5.9
nvd
больше 8 лет назад
Restkit allows man-in-the-middle attackers to spoof TLS servers by leveraging use of the ssl.wrap_socket function in Python with the default CERT_NONE value for the cert_reqs argument.
