Showing 1 - 1 of 1

CVE-2013-0289

Status Candidate

Overview

Isync 0.4 before 1.0.6, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

Related Files

Gentoo Linux Security Advisory 201310-02: Posted Oct 7, 2013; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201310-2 - A vulnerability in isync could allow remote attackers to perform man-in-the-middle attacks. Versions less than 1.0.6 are affected.; tags | advisory, remote; systems | linux, gentoo; advisories | CVE-2013-0289; SHA-256 | 8e33e50b6405effe0c44051a4a03921ca7cef243231fe9e702879cba5f544d38; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 293 files
Ubuntu 64 files
Debian 22 files
Gentoo 8 files
Google Security Research 7 files
LiquidWorm 6 files
Apple 5 files
Jann Horn 3 files
Spencer McIntyre 3 files
Milad Karimi 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,175)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,140)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,480)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,022)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

CVE-2013-0289

Overview

Related Files

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems