Lucene search
HistoryFeb 10, 2014 - 6:15 p.m.
CVE-2011-4092
cve-2011-4092
obby
libobby
ssl
certificate verification
remote attackers
server spoofing
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
7 High
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
74.2%
obby (aka libobby) does not verify SSL server certificates, which allows remote attackers to spoof servers via an arbitrary certificate.
Affected configurations
Node
ubuntu_developersobbyMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| ubuntu_developers:obby | ubuntu developers obby | eq | - |
Related
ubuntucve
ubuntucve
CVE-2011-4092
2014-02-10 00:00:00
cvelist
cvelist
CVE-2011-4092
2014-02-10 17:00:00
prion
prion
Design/Logic Flaw
2014-02-10 18:15:00
nvd
nvd
CVE-2011-4092
2014-02-10 18:15:09
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
7 High
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
74.2%
Related for CVE-2011-4092