Lucene search
MitreCVELIST:CVE-2015-3908HistoryAug 12, 2015 - 2:00 p.m.
CVE-2015-3908
2015-08-1214:00:00
mitre
www.cve.org
Ansible before 1.9.2 does not verify that the server hostname matches a domain name in the subject’s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
Related
nessus
nessus
Fedora 22 : ansible-1.9.2-1.fc22 (2015-10797)
2015-07-06 00:00:00
openSUSE Security Update : ansible (openSUSE-2015-557)
2015-08-31 00:00:00
Fedora 21 : ansible-1.9.2-1.fc21 (2015-10807)
2015-07-06 00:00:00
mageia
mageia
Updated ansible package fixes security vulnerability
2015-07-29 00:01:59
github
github
osv
osv
PYSEC-2015-1
2015-08-12 14:59:00
Ansible does not verify that the server hostname matches a domain name in certificates
2018-10-10 17:23:51
ansible - security update
2019-09-16 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0292)
2015-10-15 00:00:00
Fedora Update for ansible FEDORA-2015-10807
2015-10-30 00:00:00
Fedora Update for ansible FEDORA-2015-10797
2015-07-07 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: ansible-1.9.2-1.fc22
2015-07-05 18:56:03
[SECURITY] Fedora 21 Update: ansible-1.9.2-1.fc21
2015-07-05 18:56:55
prion
prion
Code injection
2015-08-12 14:59:00
veracode
veracode
Man-in-the-Middle (MitM)
2017-04-05 02:01:13
debiancve
debiancve
CVE-2015-3908
2015-08-12 14:59:21
ubuntucve
ubuntucve
CVE-2015-3908
2015-08-12 00:00:00
nvd
nvd
CVE-2015-3908
2015-08-12 14:59:21
cve
cve
CVE-2015-3908
2015-08-12 14:59:21
freebsd
freebsd
ansible -- multiple vulnerabilities
2015-06-25 00:00:00
debian
debian
[SECURITY] [DLA 1923-1] ansible security update
2019-09-16 12:23:45