CVE-2010-4340

Published: Sep 11, 2011

Modified: Sep 17, 2024

PUBLISHED

Description

libcloud before 0.4.1 does not verify SSL certificates for HTTPS connections, which allows remote attackers to spoof certificates and bypass intended access restrictions via a man-in-the-middle (MITM) attack.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[libcloud] 20100929 [jira] Closed: (LIBCLOUD-55) this python project is vulnerable to MITM as it fails to verify the ssl validity of the remote destination.

mailing-list

x_refsource_MLIST

http://wiki.apache.org/incubator/LibcloudSSL

x_refsource_MISC

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598463

x_refsource_CONFIRM

[libcloud] 20101108 SSL certs checking

mailing-list

x_refsource_MLIST

https://issues.apache.org/jira/browse/LIBCLOUD-55

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2010-4340

Description

Affected Products

References