Описание
Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate, related to improper use of a certain GnuTLS function.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | ignored | end of life |
| lucid | DNE | |
| oneiric | DNE | |
| precise | DNE | |
| quantal | DNE | |
| upstream | needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | lynx2.8.8dev.15-1 |
| hardy | ignored | end of life |
| lucid | released | 2.8.8dev.2-1ubuntu0.1 |
| oneiric | released | 2.8.8dev.9-2ubuntu0.11.10.1 |
| precise | released | 2.8.8dev.9-2ubuntu0.12.04.1 |
| quantal | released | 2.8.8dev.12-2ubuntu0.1 |
| upstream | released | lynx2.8.8dev.15-1 |
Показывать по
5.8 Medium
CVSS2
5.9 Medium
CVSS3
Связанные уязвимости
Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate, related to improper use of a certain GnuTLS function.
Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate, related to improper use of a certain GnuTLS function.
Lynx does not verify that the server's certificate is signed by a trus ...
Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate, related to improper use of a certain GnuTLS function.
5.8 Medium
CVSS2
5.9 Medium
CVSS3