Ubuntu 'ubuntu-sso-client' Package SSL Certificate Validation Information Disclosure Vulnerability
BID:53829
Info
Ubuntu 'ubuntu-sso-client' Package SSL Certificate Validation Information Disclosure Vulnerability
| Bugtraq ID: | 53829 |
| Class: | Design Error |
| CVE: |
CVE-2011-4408 |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 06 2012 12:00AM |
| Updated: | Jun 06 2012 12:00AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Ubuntu ubuntu-sso-client 0 Ubuntu Ubuntu Linux 11.10 i386 Ubuntu Ubuntu Linux 11.10 amd64 Ubuntu Ubuntu Linux 11.04 powerpc Ubuntu Ubuntu Linux 11.04 i386 Ubuntu Ubuntu Linux 11.04 ARM Ubuntu Ubuntu Linux 11.04 amd64 |
| Not Vulnerable: | |
Discussion
Ubuntu 'ubuntu-sso-client' Package SSL Certificate Validation Information Disclosure Vulnerability
Ubuntu 'ubuntu-sso-client' package is prone to an information disclosure vulnerability.
An attacker can exploit this issue through man-in-the-middle attacks by impersonating a trusted server. This may allow the attacker to obtain or modify sensitive information. Information harvested may aid in further attacks.
Ubuntu 'ubuntu-sso-client' package is prone to an information disclosure vulnerability.
An attacker can exploit this issue through man-in-the-middle attacks by impersonating a trusted server. This may allow the attacker to obtain or modify sensitive information. Information harvested may aid in further attacks.
Solution / Fix
Ubuntu 'ubuntu-sso-client' Package SSL Certificate Validation Information Disclosure Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
Ubuntu 'ubuntu-sso-client' Package SSL Certificate Validation Information Disclosure Vulnerability
References:
References: