222 matches found
RUSTSEC-2016-0001 SSL/TLS MitM vulnerability due to insecure defaults
All versions of rust-openssl prior to 0.9.0 contained numerous insecure defaults including off-by-default certificate verification and no API to perform hostname verification. Unless configured correctly by a developer, these defaults could allow an attacker to perform man-in-the-middle attacks...
Insecure Defaults Leads to Potential MITM
Overview Affected versions of ezseed-transmission download and run a script over an HTTP connection. An attacker in a privileged network position could launch a Man-in-the-Middle attack and intercept the script, replacing it with malicious code, completely compromising the system running...