4 matches found
Linux Distros Unpatched Vulnerability : CVE-2012-5662
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x3270 before 3.3.12ga12 does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509...
Security Bulletin: Multiple Vulnerabilities Have Been Identified In IBM Security Secret Server
Summary Multiple vulnerabilities identified on IBM Security Secret Server have been addressed in the release 10.7.000059. Vulnerability Details CVEID: CVE-2012-5662 DESCRIPTION: x3270 before 3.3.12ga12 does not verify that the server hostname matches a domain name in the subject's Common Name CN ...
CVE-2012-5662
CVE-2012-5662 affects x3270 before 3.3.12ga12. The vulnerability arises from not verifying that the server hostname matches the CN or subjectAltName in the X.509 certificate, enabling MITM spoofing with arbitrary certificates. No explicit exploit details or in-the-wild status are provided in the ...
CVE-2012-5662
x3270 before 3.3.12ga12 does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...