CVE-2011-4408

Опубликовано: 16 июн. 2012

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

The Single Sign On Client (ubuntu-sso-client) for Ubuntu 11.04 and 11.10 does not properly validate SSL certificates when using HTTPS, which allows remote attackers to spoof a server and modify or read sensitive data via a man-in-the-middle (MITM) attack.

Ссылки

http://osvdb.org/82747
http://secunia.com/advisories/49448
Vendor Advisory
http://www.securityfocus.com/bid/53829
http://www.ubuntu.com/usn/USN-1464-1
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/76112
http://osvdb.org/82747
http://secunia.com/advisories/49448
Vendor Advisory
http://www.securityfocus.com/bid/53829
http://www.ubuntu.com/usn/USN-1464-1
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/76112

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*

EPSS

Процентиль: 61%

0.00414

Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2011-4408

ubuntu

больше 13 лет назад

CVE-2011-4408

debian

больше 13 лет назад

The Single Sign On Client (ubuntu-sso-client) for Ubuntu 11.04 and 11. ...

GHSA-c4ch-35xg-vqch

github

больше 3 лет назад

EPSS

Процентиль: 61%

0.00414

Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other