10 matches found
SUSE CVE-2013-2037
httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary...
Security Bulletin: Vulnerability in Python-httplib2 affects PowerKVM (CVE-2013-2037)
Summary PowerKVM is affected by a vulnerability in python-httplib2. This vulnerability is now fixed. Vulnerability Details CVEID: CVE-2013-2037 DESCRIPTION: The python-httplib2 could allow a remote attacker to obtain sensitive information, caused by the improper validation of https certificates. ...
Fedora Update for python-httplib2 FEDORA-2015-5503
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2013-2037
httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary...
CVE-2013-2037
httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary...
CVE-2013-2037
CVE-2013-2037 affects the Python HTTP client library httplib2 versions up to 0.7.2/0.8 and earlier. Root cause: after the initial connection, the client does not verify that the server hostname matches the CN or subjectAltName in the server's X.509 certificate, enabling MITM via an arbitrary vali...
CVE-2013-2037
httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary...
CVE-2013-2037
httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary...
Mandriva Linux Security Advisory : python-httplib2 (MDVSA-2013:168)
Updated python-httplib2 packages fix security vulnerability : httplib2 only validates SSL certificates on the first request to a connection, and doesn't report validation failures on subsequent requests CVE-2013-2037. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...
CVE-2013-2037
httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary...