Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2013-0308

Опубликовано: 20 фев. 2013
Источник: redhat
CVSS2: 4.3

Описание

The imap-send command in GIT before 1.8.1.4 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=909977git: Incorrect IMAP server's SSL x509.v3 certificate validation in git-imap-send command

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2013-0308

ubuntu
почти 13 лет назад

The imap-send command in GIT before 1.8.1.4 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

nvd логотип

CVE-2013-0308

nvd
почти 13 лет назад

The imap-send command in GIT before 1.8.1.4 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

debian логотип

CVE-2013-0308

debian
почти 13 лет назад

The imap-send command in GIT before 1.8.1.4 does not verify that the s ...

github логотип

GHSA-p33f-8gh4-2vgm

github
почти 4 года назад

The imap-send command in GIT before 1.8.1.4 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

oracle-oval логотип

ELSA-2013-0589

oracle-oval
почти 13 лет назад

ELSA-2013-0589: git security update (MODERATE)

4.3 Medium

CVSS2