EUVD-2007-6702

Malware in sbrugna...

openSUSE Security Update : telepathy-idle (openSUSE-SU-2013:0915-1)

Changes in telepathy-idle : - Add telepathy-idle-require-tls-validation.patch bnc817120, CVE-2007-6746. This fixes flaws in the SSL certificate validation. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...

SuSE 11.2 / 11.3 Security Update : telepathy-idle (SAT Patch Numbers 8215 / 8216)

Telepathy-idle did not check SSL certificates. CVE-2007-6746 was assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, Inc...

CVE-2007-6746

telepathy-idle before 0.1.15 does not verify 1 that the issuer is a trusted CA, 2 that the server hostname matches a domain name in the subject's Common Name CN, or 3 the expiration date of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid...

CVE-2007-6746

telepathy-idle before 0.1.15 does not verify 1 that the issuer is a trusted CA, 2 that the server hostname matches a domain name in the subject's Common Name CN, or 3 the expiration date of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid...

Code injection

telepathy-idle before 0.1.15 does not verify 1 that the issuer is a trusted CA, 2 that the server hostname matches a domain name in the subject's Common Name CN, or 3 the expiration date of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid...

CVE-2007-6746

CVE-2007-6746 affects telepathy-idle before 0.1.15, where SSL certificate validation is incomplete: (1) issuer trusted-CA check bypassed, (2) hostname not strictly validated against CN, and (3) certificate expiration date not verified. This enables potential MITM attacks by presenting arbitrary v...

CVE-2007-6746

telepathy-idle before 0.1.15 does not verify 1 that the issuer is a trusted CA, 2 that the server hostname matches a domain name in the subject's Common Name CN, or 3 the expiration date of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid...

CVE-2007-6746

telepathy-idle before 0.1.15 does not verify 1 that the issuer is a trusted CA, 2 that the server hostname matches a domain name in the subject's Common Name CN, or 3 the expiration date of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid...

Ubuntu Update for telepathy-idle USN-1821-1

Check for the Version of telepathy-idle OpenVAS Vulnerability Test $Id: gbubuntuUSN18211.nasl 8448 2018-01-17 16:18:06Z teissa $ Ubuntu Update for telepathy-idle USN-1821-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program i...

Ubuntu: Security Advisory (USN-1821-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

telepathy-idle insufficient certificate check

Server certificate is not checked...

[USN-1821-1] telepathy-idle vulnerability

========================================================================== Ubuntu Security Notice USN-1821-1 May 09, 2013 telepathy-idle vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: ...

Ubuntu 12.04 LTS / 12.10 / 13.04 : telepathy-idle vulnerability (USN-1821-1)

It was discovered that telepathy-idle did not perform any server certificate validation when using SSL connections. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to alter or compromise confidential information. Note that Tenable Network Securit...

USN-1821-1: telepathy-idle vulnerability

It was discovered that telepathy-idle did not perform any server certificate validation when using SSL connections. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to alter or compromise confidential information...

[SECURITY] Fedora 18 Update: telepathy-idle-0.1.15-1.fc18

A full-featured IRC connection manager for the Telepathy project...

Fedora 18 : telepathy-idle-0.1.15-1.fc18 (2013-6534)

This release validate TLS certificates properly, preventing man-in-the-middle attacks. This will be a regression for users of IRC-over-SSL servers/proxies that do not have a certificate trusted by system-wide CA configuration; they will no longer be able to connect. If someone implements fd.o...

Fedora 17 : telepathy-idle-0.1.15-1.fc17 (2013-6557)

This release validate TLS certificates properly, preventing man-in-the-middle attacks. This will be a regression for users of IRC-over-SSL servers/proxies that do not have a certificate trusted by system-wide CA configuration; they will no longer be able to connect. If someone implements fd.o...

Fedora Update for telepathy-idle FEDORA-2013-6534

Check for the Version of telepathy-idle OpenVAS Vulnerability Test Fedora Update for telepathy-idle FEDORA-2013-6534 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...

Fedora Update for telepathy-idle FEDORA-2013-6557

Check for the Version of telepathy-idle OpenVAS Vulnerability Test Fedora Update for telepathy-idle FEDORA-2013-6557 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...