info
discussion
exploit
solution
references
Ruby Net::HTTP SSL Insecure Certificate Validation Weakness
Specific exploit code is not required; attackers may use readily available man-in-the-middle network attack utilities.
Privacy Statement
Copyright 2010, SecurityFocus