Hard Time for Android CVE-2014-5558 SSL Certificate Validation Security Bypass Vulnerability
BID:69963
Info
Hard Time for Android CVE-2014-5558 SSL Certificate Validation Security Bypass Vulnerability
| Bugtraq ID: | 69963 |
| Class: | Design Error |
| CVE: |
CVE-2014-5558 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 08 2014 12:00AM |
| Updated: | Sep 08 2014 12:00AM |
| Credit: | Will Dormann of the CERT/CC |
| Vulnerable: |
Mdickie Hard Time 1.111 |
| Not Vulnerable: | |
Discussion
Hard Time for Android CVE-2014-5558 SSL Certificate Validation Security Bypass Vulnerability
Hard Time for Android is prone to a security-bypass vulnerability because the application fails to properly validate SSL certificates.
Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks.
Hard Time for Android is prone to a security-bypass vulnerability because the application fails to properly validate SSL certificates.
Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks.
Solution / Fix
Hard Time for Android CVE-2014-5558 SSL Certificate Validation Security Bypass Vulnerability
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].