Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4408

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2011-4408
Last Modified 18 Jun 2012 10:53:54
Published 15 Jun 2012 08:55:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-4408

Summary

The Single Sign On Client (ubuntu-sso-client) for Ubuntu 11.04 and 11.10 does not properly validate SSL certificates when using HTTPS, which allows remote attackers to spoof a server and modify or read sensitive data via a man-in-the-middle (MITM) attack.

Vulnerable Systems

Operating System

  • Canonical Ubuntu Linux 11.04

  • Canonical Ubuntu Linux 11.10


References

XF - ubuntussoclient-ssl-info-disc(76112)

UBUNTU - USN-1464-1

BID - 53829

SECUNIA - 49448

OSVDB - 82747


Last Updated: 27 May 2016 10:49:38