cURL/libcURL SSL Certificate Host Name Validation Security Bypass Vulnerability

Bugtraq ID: 63776
Class: Design Error
CVE: CVE-2013-4545
Remote: Yes
Local: No
Published: Nov 11 2013 12:00AM
Updated: Apr 17 2014 01:00AM
Credit: Scott Cantor
Vulnerable: Ubuntu Ubuntu Linux 12.04 LTS i386
Ubuntu Ubuntu Linux 12.04 LTS amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 LTS
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Daniel Stenberg curl 7.20
Daniel Stenberg curl 7.19.6
Daniel Stenberg curl 7.19.5
Daniel Stenberg curl 7.19.4
Daniel Stenberg curl 7.19.3
Daniel Stenberg curl 7.19
Daniel Stenberg curl 7.18.1
Daniel Stenberg curl 7.18
Daniel Stenberg curl 7.24.0
Daniel Stenberg curl 7.23.1
Daniel Stenberg curl 7.21.7
Daniel Stenberg curl 7.21.6
Daniel Stenberg curl 7.20.2
Daniel Stenberg curl 7.20.1
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus