Gajim '_ssl_verify_callback()' Function SSL Certificate Validation Spoofing Vulnerability

Gajim is prone to an SSL certificate validation vulnerability in its '_ssl_verify_callback()' function that may allow attackers to conduct spoofing attacks.



Attackers can exploit this issue to spoof a valid server and conduct man-in-the-middle attacks. Successful exploits will cause victims to accept the certificates on the assumption that they come from a legitimate site.



Gajim 0.15 is vulnerable; other versions may also be affected.


Copyright 2010, SecurityFocus