W3M NULL Character CA SSL Certificate Validation Security Bypass Vulnerability

Bugtraq ID: 40837
Class: Design Error
CVE: CVE-2010-2074
Remote: Yes
Local: No
Published: Jun 14 2010 12:00AM
Updated: Oct 18 2012 10:30PM
Credit: Ludwig Nussel
Vulnerable: W3M W3M 0.5.2
W3M W3M 0.5.1
W3M W3M 0.3.2 .2
W3M W3M 0.3.2 .1
W3M W3M 0.3.2
W3M W3M 0.3.1
+ RedHat Linux 8.0 i386
+ RedHat Linux 8.0
W3M W3M 0.3
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3
W3M W3M 0.2.5 .1
W3M W3M 0.2.5
W3M W3M 0.2.4
W3M W3M 0.2.3
W3M W3M 0.2.2
W3M W3M 0.2.1
+ Conectiva Linux 7.0
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2
W3M W3M 0.2
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0
W3M W3M 0.1.10
+ Conectiva Linux 6.0
W3M W3M 0.1.9
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
W3M W3M 0.1.8
W3M W3M 0.1.7
W3M W3M 0.1.6
W3M W3M 0.1.4
W3M W3M 0.1.3
Ubuntu Ubuntu Linux 9.10 sparc
Ubuntu Ubuntu Linux 9.10 powerpc
Ubuntu Ubuntu Linux 9.10 lpia
Ubuntu Ubuntu Linux 9.10 i386
Ubuntu Ubuntu Linux 9.10 amd64
Ubuntu Ubuntu Linux 9.04 sparc
Ubuntu Ubuntu Linux 9.04 powerpc
Ubuntu Ubuntu Linux 9.04 lpia
Ubuntu Ubuntu Linux 9.04 i386
Ubuntu Ubuntu Linux 9.04 amd64
Ubuntu Ubuntu Linux 8.04 LTS sparc
Ubuntu Ubuntu Linux 8.04 LTS powerpc
Ubuntu Ubuntu Linux 8.04 LTS lpia
Ubuntu Ubuntu Linux 8.04 LTS i386
Ubuntu Ubuntu Linux 8.04 LTS amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 amd64
SuSE SUSE Linux Enterprise 11
SuSE SUSE Linux Enterprise 10 SP3
Sun Solaris 11 Express snv_151a
Sun Solaris 11 Express
S.u.S.E. openSUSE 11.2
S.u.S.E. openSUSE 11.1
S.u.S.E. openSUSE 11.0
Red Hat Fedora 13
Red Hat Fedora 12
Red Hat Enterprise Linux Desktop 5 client
Red Hat Enterprise Linux 5 Server
Gentoo Linux
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus