Описание
The IO::Socket::SSL module 1.35 for Perl, when verify_mode is not VERIFY_NONE, fails open to VERIFY_NONE instead of throwing an error when a ca_file/ca_path cannot be verified, which allows remote attackers to bypass intended certificate restrictions.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | 1.37-1 |
| hardy | not-affected | 1.02-1 |
| karmic | ignored | end of life |
| lucid | ignored | end of life |
| maverick | ignored | end of life |
| natty | not-affected | 1.37-1 |
| oneiric | not-affected | 1.37-1 |
| precise | not-affected | 1.37-1 |
| quantal | not-affected | 1.37-1 |
Показывать по
Ссылки на источники
4 Medium
CVSS2
Связанные уязвимости
The IO::Socket::SSL module 1.35 for Perl, when verify_mode is not VERIFY_NONE, fails open to VERIFY_NONE instead of throwing an error when a ca_file/ca_path cannot be verified, which allows remote attackers to bypass intended certificate restrictions.
The IO::Socket::SSL module 1.35 for Perl, when verify_mode is not VERIFY_NONE, fails open to VERIFY_NONE instead of throwing an error when a ca_file/ca_path cannot be verified, which allows remote attackers to bypass intended certificate restrictions.
The IO::Socket::SSL module 1.35 for Perl, when verify_mode is not VERI ...
The IO::Socket::SSL module 1.35 for Perl, when verify_mode is not VERIFY_NONE, fails open to VERIFY_NONE instead of throwing an error when a ca_file/ca_path cannot be verified, which allows remote attackers to bypass intended certificate restrictions.
4 Medium
CVSS2