10 matches found
EUVD-2011-4338
Malware in sbrugna...
Weblate: Account Takeover using Third party Auth CSRF
Login to your account at demo.weblate.org 2. Goto Profile Authentication - https://demo.weblate.org/accounts/profile/auth 3. In Add new association section , select Ubuntu 4. Login with Ubuntu One account , before clicking on Yes log me in on ubuntu authentication site , start a proxy tool like...
CVE-2011-4409
The Ubuntu One Client for Ubuntu 10.04 LTS, 11.04, 11.10, and 12.04 LTS does not properly validate SSL certificates, which allows remote attackers to spoof a server and modify or read sensitive information via a man-in-the-middle MITM attack...
CVE-2011-4409
CVE-2011-4409 affects the Ubuntu One Client for Ubuntu 10.04 LTS, 11.04, 11.10, and 12.04 LTS, where the client fails to properly validate SSL certificates, enabling a remote attacker to perform a MITM to spoof a server and read/modify sensitive data. Connected sources (Ubuntu Security Notices US...
CVE-2011-4409
The Ubuntu One Client for Ubuntu 10.04 LTS, 11.04, 11.10, and 12.04 LTS does not properly validate SSL certificates, which allows remote attackers to spoof a server and modify or read sensitive information via a man-in-the-middle MITM attack...
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : ubuntuone-storage-protocol update (USN-1465-2)
USN-1465-1 fixed a vulnerability in the Ubuntu One Client. This update adds a required fix to the Ubuntu One storage protocol library. It was discovered that the Ubuntu One Client incorrectly validated server certificates when using HTTPS connections. If a remote attacker were able to perform a...
USN-1465-2: Ubuntu One storage protocol update
USN-1465-1 fixed a vulnerability in the Ubuntu One Client. This update adds a required fix to the Ubuntu One storage protocol library. Original advisory details: It was discovered that the Ubuntu One Client incorrectly validated server certificates when using HTTPS connections. If a remote attack...
USN-1465-1: Ubuntu One Client vulnerability
It was discovered that the Ubuntu One Client incorrectly validated server certificates when using HTTPS connections. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to alter or compromise confidential information...
CVE-2011-4409
The Ubuntu One Client for Ubuntu 10.04 LTS, 11.04, 11.10, and 12.04 LTS does not properly validate SSL certificates, which allows remote attackers to spoof a server and modify or read sensitive information via a man-in-the-middle MITM attack...
Ubuntu 11.10 : ubuntuone-couch vulnerability (USN-1381-1)
It was discovered that Ubuntu One Couch did not perform any server certificate validation when using HTTPS connections. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to alter or compromise confidential information. Note that Tenable Network...