BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
[RT-SA-2015-011] WebClientPrint Processor 2.0: No Validation of TLS Certificates Aug 22 2017 01:39PM
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: WebClientPrint Processor 2.0: No Validation of TLS Certificates

RedTeam Pentesting discovered that WebClientPrint Processor (WCPP) does
not validate TLS certificates when initiating HTTPS connections. Thus, a
man-in-the-middle attacker may intercept and/or modify HTTPS traffic in
transit....

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus