18 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-2674
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Restkit allows man-in-the-middle attackers to spoof TLS servers by leveraging use of the ssl.wrapsocket function in Python with the default CERTNONE value for t...
SUSE CVE-2015-2674
Restkit allows man-in-the-middle attackers to spoof TLS servers by leveraging use of the ssl.wrapsocket function in Python with the default CERTNONE value for the certreqs argument...
jiraclient (>=2.1.11 <=2.1.13), jsonobject-couchdbkit (>=0.9.2 <=0.9.7) +2 more potentially affected by CVE-2015-2674 via restkit (=4.2.2)
restkit PYPI version =4.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on restkit and may be impacted: - jiraclient =2.1.11, =0.9.2, =0.4.0, =0.5.3 - pyrunscope =0.9.0a1 Source cves: CVE-2015-2674 Source advisory: OSV:GHSA-P9CV-HRXR-FXX8...
Restkit Does Not Validate TLS certificates
Restkit allows man-in-the-middle attackers to spoof TLS servers by leveraging use of the ssl.wrapsocket function in Python with the default CERTNONE value for the certreqs argument...
GHSA-P9CV-HRXR-FXX8 Restkit Does Not Validate TLS certificates
Restkit allows man-in-the-middle attackers to spoof TLS servers by leveraging use of the ssl.wrapsocket function in Python with the default CERTNONE value for the certreqs argument...
Faraday v3.2 - Collaborative Penetration Test and Vulnerability Management Platform
Here is a list of all the goodies in Faraday v3.2: Workspace names- with numbers! With this new version, workspaces’ names are now allowed to start with numbers before they could only start with letters. Search unconfirmed vulns In this version was added the filter to be able to show unconfirmed...
RestKit TLS Server Spoofing Vulnerability
Restkit is a Python HTTP resource kit developed by software developer Benoit Chesneau. A security vulnerability exists in Restkit. An attacker can exploit this vulnerability to conduct a man-in-the-middle attack and spoof a TLS server...
CVE-2015-2674
Restkit allows man-in-the-middle attackers to spoof TLS servers by leveraging use of the ssl.wrapsocket function in Python with the default CERTNONE value for the certreqs argument...
PYSEC-2017-69
Restkit allows man-in-the-middle attackers to spoof TLS servers by leveraging use of the ssl.wrapsocket function in Python with the default CERTNONE value for the certreqs argument...
UBUNTU-CVE-2015-2674
Restkit allows man-in-the-middle attackers to spoof TLS servers by leveraging use of the ssl.wrapsocket function in Python with the default CERTNONE value for the certreqs argument...
jiraclient (>=2.1.11 <=2.1.13), jsonobject-couchdbkit (>=0.9.2 <=0.9.7) +2 more potentially affected by CVE-2015-2674 via restkit (=4.2.2)
restkit PYPI version =4.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on restkit and may be impacted: - jiraclient =2.1.11, =0.9.2, =0.4.0, =0.5.3 - pyrunscope =0.9.0a1 Source cves: CVE-2015-2674 Source advisory: OSV:PYSEC-2017-69...
PYSEC-2017-69
Restkit allows man-in-the-middle attackers to spoof TLS servers by leveraging use of the ssl.wrapsocket function in Python with the default CERTNONE value for the certreqs argument...
CVE-2015-2674
Restkit allows man-in-the-middle attackers to spoof TLS servers by leveraging use of the ssl.wrapsocket function in Python with the default CERTNONE value for the certreqs argument...
Default credentials
Restkit allows man-in-the-middle attackers to spoof TLS servers by leveraging use of the ssl.wrapsocket function in Python with the default CERTNONE value for the certreqs argument...
CVE-2015-2674
Restkit allows man-in-the-middle attackers to spoof TLS servers by leveraging use of the ssl.wrapsocket function in Python with the default CERTNONE value for the certreqs argument...
CVE-2015-2674
CVE-2015-2674 affects Restkit written in Python, where TLS server verification can be bypassed by using ssl.wrap_socket with cert_reqs set to CERT_NONE, enabling MITM spoofing. The vulnerability is caused by the default no-verification configuration in SSL/TLS handling within Restkit and is docum...
CVE-2015-2674
Removed by vendor...
Python Restkit TLS Certificate Validation Security Bypass Vulnerability
Python is an object-oriented, straightforward computer programming language. A security vulnerability exists in Python Restkit TLS certificate validation. This allows attackers to exploit the vulnerability to obtain sensitive information via a man-in-the-middle attack...