Gajim '_ssl_verify_callback()' Function SSL Certificate Validation Spoofing Vulnerability

Gajim is prone to a security vulnerability that may allow attackers to conduct spoofing attacks.

Attackers can exploit this issue to spoof a valid server and conduct man-in-the-middle attacks. A successful exploit causes victims to accept the presented certificates, assuming they come from a legitimate site.

Gajim 0.15 is vulnerable; other versions may also be affected.


Copyright 2010, SecurityFocus