Lucene search
GoogleOSV:PYSEC-2014-93HistoryMay 05, 2014 - 5:06 p.m.
PYSEC-2014-93
2014-05-0517:06:00
Google
osv.dev
7
0.002 Low
EPSS
Percentile
64.9%
PyWBEM 0.7 and earlier uses a separate connection to validate X.509 certificates, which allows man-in-the-middle attackers to spoof a peer via an arbitrary certificate.
References
seclists.org/oss-sec/2013/q4/531
secunia.com/advisories/58327
sourceforge.net/p/pywbem/code/627/
sourceforge.net/p/pywbem/mailman/message/31757312/
www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
www.securityfocus.com/bid/64544
bugzilla.redhat.com/show_bug.cgi?id=1039801
www.suse.com/support/update/announcement/2014/suse-su-20140580-1.html
Related
nessus
nessus
SuSE 11.3 Security Update : python-pywbem (SAT Patch Number 9079)
2014-04-30 00:00:00
RHEL 7 : pywbem (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 6 : pywbem (Unpatched Vulnerability)
2024-06-03 00:00:00
debiancve
debiancve
CVE-2013-6418
2014-05-05 17:06:04
ubuntucve
ubuntucve
CVE-2013-6418
2014-05-05 00:00:00
github
github
PyWBEM TOCTOU vulnerability in certificate validation
2022-05-17 03:46:27
nvd
nvd
CVE-2013-6418
2014-05-05 17:06:04
prion
prion
Design/Logic Flaw
2014-05-05 17:06:00
cve
cve
CVE-2013-6418
2014-05-05 17:06:04
cvelist
cvelist
CVE-2013-6418
2014-05-05 17:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2014:0580-1)
2021-06-09 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1958
2021-07-02 18:03:45