curl vulnerability

ID USN-818-1
Type ubuntu
Reporter Ubuntu
Modified 2009-08-17T00:00:00


Scott Cantor discovered that Curl did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.