Описание
ELSA-2009-1549: wget security update (MODERATE)
[1.11.4-3]
- add fix for CVE-2009-3490, incorrect verification of SSL certificate with NUL in name
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
wget
1.11.4-2.el5_4.1
Oracle Linux x86_64
wget
1.11.4-2.el5_4.1
Oracle Linux i386
wget
1.11.4-2.el5_4.1
Связанные CVE
Связанные уязвимости
GNU Wget before 1.12 does not properly handle a '\0' character in a domain name in the Common Name field of an X.509 certificate, which allows man-in-the-middle remote attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
GNU Wget before 1.12 does not properly handle a '\0' character in a domain name in the Common Name field of an X.509 certificate, which allows man-in-the-middle remote attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
GNU Wget before 1.12 does not properly handle a '\0' character in a domain name in the Common Name field of an X.509 certificate, which allows man-in-the-middle remote attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
GNU Wget before 1.12 does not properly handle a '\0' character in a do ...
GNU Wget before 1.12 does not properly handle a '\0' character in a domain name in the Common Name field of an X.509 certificate, which allows man-in-the-middle remote attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.