Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCanonicalCVE-2011-4409
HistoryJun 16, 2012 - 12:55 a.m.

CVE-2011-4409

2012-06-1600:55:05
CWE-20
canonical
web.nvd.nist.gov
48
cve-2011-4409
ubuntu one client
ssl certificate validation
mitm attack
ubuntu 10.04 lts
ubuntu 11.04
ubuntu 11.10
ubuntu 12.04 lts

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

5.9

Confidence

Low

EPSS

0.009

Percentile

82.8%

JSON

The Ubuntu One Client for Ubuntu 10.04 LTS, 11.04, 11.10, and 12.04 LTS does not properly validate SSL certificates, which allows remote attackers to spoof a server and modify or read sensitive information via a man-in-the-middle (MITM) attack.

Affected configurations

Nvd
Node
canonicalubuntu_linuxMatch10.04-lts
OR
canonicalubuntu_linuxMatch11.04
OR
canonicalubuntu_linuxMatch11.10
OR
canonicalubuntu_linuxMatch12.04-lts
VendorProductVersionCPE
canonicalubuntu_linux10.04cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*
canonicalubuntu_linux11.04cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
canonicalubuntu_linux11.10cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
canonicalubuntu_linux12.04cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*

Related

openvas 6
nvd 1
ubuntu 3
ubuntucve 1
cvelist 1
nessus 3
prion 1
openvas
openvas
Ubuntu: Security Advisory (USN-1465-3)
2012-06-08 00:00:00
Ubuntu Update for ubuntuone-storage-protocol USN-1465-2
2012-06-08 00:00:00
Ubuntu Update for ubuntuone-client USN-1465-3
2012-06-08 00:00:00
nvd
nvd
CVE-2011-4409
2012-06-16 00:55:05
ubuntu
ubuntu
Ubuntu One Client regression
2012-06-06 00:00:00
Ubuntu One Client vulnerability
2012-06-06 00:00:00
Ubuntu One storage protocol update
2012-06-06 00:00:00
ubuntucve
ubuntucve
CVE-2011-4409
2012-06-06 00:00:00
cvelist
cvelist
CVE-2011-4409
2012-06-16 00:00:00
nessus
nessus
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : ubuntuone-storage-protocol update (USN-1465-2)
2012-06-07 00:00:00
Ubuntu 10.04 LTS : ubuntuone-client regression (USN-1465-3)
2012-06-07 00:00:00
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : ubuntuone-client vulnerability (USN-1465-1)
2012-06-07 00:00:00
prion
prion
Code injection
2012-06-16 00:55:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

5.9

Confidence

Low

EPSS

0.009

Percentile

82.8%

JSON
Related for CVE-2011-4409
openvas6nvd1ubuntu3ubuntucve1cvelist1nessus3prion1