14 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-3230
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server...
K34144932: libwww-perl vulnerability CVE-2014-3230
Security Advisory Description When libwww-perl LWP uses IO::Socket::SSL and when the HTTPSCADIR or HTTPSCAFILE environment variables are set, server certificate verification is disabled. CVE-2014-3230 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...
Mageia: Security Advisory (MGASA-2014-0257)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-3230
The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server certificate validation via the 1 HTTPSCADIR or 2 HTTPSCAFILE environment variable...
CVE-2014-3230
The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server certificate validation via the 1 HTTPSCADIR or 2 HTTPSCAFILE environment variable...
CVE-2014-3230
CVE-2014-3230 affects the libwww-perl LWP::Protocol::https module (versions 6.04–6.06) when using IO::Socket::SSL as the SSL socket class. The underlying issue is that server certificate validation can be disabled via the HTTPS_CA_DIR or HTTPS_CA_FILE environment variables. Impact described in th...
CVE-2014-3230
The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server certificate validation via the 1 HTTPSCADIR or 2 HTTPSCAFILE environment variable...
CVE-2014-3230
The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server certificate validation via the 1 HTTPSCADIR or 2 HTTPSCAFILE environment variable...
SOL34144932 - libwww-perl vulnerability CVE-2014-3230
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
[USN-2292-1] LWP::Protocol::https vulnerability
========================================================================== Ubuntu Security Notice USN-2292-1 July 17, 2014 liblwp-protocol-https-perl vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...
openSUSE Security Update : perl-LWP-Protocol-https (openSUSE-SU-2014:0710-1)
perl-LWP-Protocol-https was updated to prevent a possible MITM if the environment variables HTTPSCADIR or HTTPSCAFILE were set CVE-2014-3230. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
Updated perl-LWP-Protocol-https package fixes CVE-2014-3230
Updated perl-LWP-Protocol-https package fixes security vulnerability: It was reported that libwww-perl LWP, when using IO::Socket::SSL the default and when the HTTPSCADIR or HTTPSCAFILE environment variables were set, would disable server certificate verification, when the intent was to only...
Fedora Update for perl-LWP-Protocol-https FEDORA-2014-6303
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 19 : perl-LWP-Protocol-https-6.04-2.fc19 (2014-6369)
This release fixes a server certification validation when a certificate authority is defined by HTTPSCADIR or HTTPSCAFILE environement variable. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...