Описание
The Wocky module in Telepathy Gabble before 0.16.6 and 0.17.x before 0.17.4, when connecting to a "legacy Jabber server," does not properly enforce the WockyConnector:tls-required flag, which allows remote attackers to bypass TLS verification and perform a man-in-the-middle attacks.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 0.16.6-1ubuntu1 |
| lucid | ignored | end of life |
| precise | released | 0.16.0-0ubuntu3.1 |
| quantal | released | 0.16.1-2ubuntu0.1 |
| raring | released | 0.16.5-0ubuntu1.1 |
| upstream | released | 0.16.6-1 |
Показывать по
6.8 Medium
CVSS2
Связанные уязвимости
The Wocky module in Telepathy Gabble before 0.16.6 and 0.17.x before 0.17.4, when connecting to a "legacy Jabber server," does not properly enforce the WockyConnector:tls-required flag, which allows remote attackers to bypass TLS verification and perform a man-in-the-middle attacks.
The Wocky module in Telepathy Gabble before 0.16.6 and 0.17.x before 0 ...
The Wocky module in Telepathy Gabble before 0.16.6 and 0.17.x before 0.17.4, when connecting to a "legacy Jabber server," does not properly enforce the WockyConnector:tls-required flag, which allows remote attackers to bypass TLS verification and perform a man-in-the-middle attacks.
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
6.8 Medium
CVSS2