60 matches found
PYSEC-2012-12
Apache Libcloud before 0.11.1 uses an incorrect regular expression during verification of whether the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a crafted...
CVE-2012-3446
Apache Libcloud before 0.11.1 uses an incorrect regular expression during verification of whether the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a crafted...
CVE-2012-3446
Apache Libcloud before 0.11.1 uses an incorrect regular expression during verification of whether the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a crafted...
CVE-2012-3446
Apache Libcloud before 0.11.1 uses an incorrect regular expression during verification of whether the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a crafted...
CVE-2012-3446
Apache Libcloud before 0.11.1 suffers from an incorrect regular expression in hostname verification against the X.509 certificate’s CN/subjectAltName, allowing MITM via crafted certificates. Affected versions: Libcloud prior to 0.11.1. Root cause: faulty domain name matching logic in SSL verifica...
PT-2012-4719 · Apache · Apache Libcloud
Name of the Vulnerable Software and Affected Versions: Apache Libcloud versions prior to 0.11.1 Description: The issue arises from an incorrect regular expression used during the verification process of whether the server hostname matches a domain name in the subject's Common Name CN or...
FreeBSD Ports: py-libcloud
The remote host is missing an update to the system as announced in the referenced advisory. VID a14dee30-e3d7-11e1-a084-50e5492bd3dc OpenVAS Vulnerability Test $ Description: Auto generated from VID a14dee30-e3d7-11e1-a084-50e5492bd3dc Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...
FreeBSD Ports: py-libcloud
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD : libcloud -- possible SSL MITM due to invalid regexp used to validate target server hostname (a14dee30-e3d7-11e1-a084-50e5492bd3dc)
The libcloud development team reports : When establishing a secure SSL / TLS connection to a target server an invalid regular expression has been used for performing the hostname verification. Subset instead of the full target server hostname has been marked an an acceptable match for the given...
Apache Libcloud中间人信息泄露漏洞
BUGTRAQ ID: 54798 libcloud 是一个访问云计算服务的统一接口,该项目已经成为Apache 组织的顶级项目,采用Python 开发。 Apache Libcloud在实现上存在中间人漏洞,攻击者可利用此漏洞嗅探即时消息会话并获取敏感信息。 0 Apache Group Libcloud 厂商补丁: Apache Group ------------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://httpd.apache.org/...
libcloud -- possible SSL MITM due to invalid regexp used to validate target server hostname
The libcloud development team reports: When establishing a secure SSL / TLS connection to a target server an invalid regular expression has been used for performing the hostname verification. Subset instead of the full target server hostname has been marked an an acceptable match for the given...
Libcloud SSL Certificates Security Bypass Vulnerability
This host is installed with Libcloud and is prone to security bypass vulnerability. OpenVAS Vulnerability Test $Id: gblibcloudsslcertsecbypassvuln.nasl 7823 2017-11-20 08:54:04Z cfischer $ Libcloud SSL Certificates Security Bypass Vulnerability Authors: Madhuri D Copyright: Copyright c 2011...
Libcloud SSL Certificates Security Bypass Vulnerability
Libcloud is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2010-4340
libcloud before 0.4.1 does not verify SSL certificates for HTTPS connections, which allows remote attackers to spoof certificates and bypass intended access restrictions via a man-in-the-middle MITM attack...
CVE-2010-4340
libcloud before 0.4.1 does not verify SSL certificates for HTTPS connections, which allows remote attackers to spoof certificates and bypass intended access restrictions via a man-in-the-middle MITM attack...
PYSEC-2011-24
libcloud before 0.4.1 does not verify SSL certificates for HTTPS connections, which allows remote attackers to spoof certificates and bypass intended access restrictions via a man-in-the-middle MITM attack...
PYSEC-2011-24
libcloud before 0.4.1 does not verify SSL certificates for HTTPS connections, which allows remote attackers to spoof certificates and bypass intended access restrictions via a man-in-the-middle MITM attack...
CVE-2010-4340
Affected software: Libcloud prior to version 0.4.1. Vulnerability: TLS/SSL certificate validation is not performed for HTTPS connections, enabling a remote attacker to perform a man‑in‑the‑middle (MITM) attack and potentially bypass access restrictions. Impact (as stated): spoofed certificates co...
CVE-2010-4340
libcloud before 0.4.1 does not verify SSL certificates for HTTPS connections, which allows remote attackers to spoof certificates and bypass intended access restrictions via a man-in-the-middle MITM attack...
CVE-2010-4340
libcloud before 0.4.1 does not verify SSL certificates for HTTPS connections, which allows remote attackers to spoof certificates and bypass intended access restrictions via a man-in-the-middle MITM attack...