Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4409

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2011-4409
Last Modified 28 Jun 2012 12:00:00
Published 15 Jun 2012 08:55:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-4409

Summary

The Ubuntu One Client for Ubuntu 10.04 LTS, 11.04, 11.10, and 12.04 LTS does not properly validate SSL certificates, which allows remote attackers to spoof a server and modify or read sensitive information via a man-in-the-middle (MITM) attack.

Vulnerable Systems

Operating System

  • Canonical Ubuntu Linux 10.04

  • Canonical Ubuntu Linux 11.04

  • Canonical Ubuntu Linux 11.10

  • Canonical Ubuntu Linux 12.04

  • Ubuntu 10.04

  • Ubuntu 11.04

  • Ubuntu 11.10

  • Ubuntu 12.04


References

XF - ubuntuoneclient-ssl-info-disc(76113)

BID - 53828

OSVDB - 82748

UBUNTU - USN-1465-3

UBUNTU - USN-1465-2

UBUNTU - USN-1465-1

SECUNIA - 49442


Last Updated: 27 May 2016 10:56:31