QwikSec

Security Database

CVE

CWE

Training

CVE-2015-3455

Published: May 18, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

FEDORA-2016-7b40eb9e29

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_REDHAT

http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html

x_refsource_CONFIRM

openSUSE-SU-2015:1546

vendor-advisory

x_refsource_SUSE

vdb-entry

x_refsource_BID

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

x_refsource_CONFIRM

vdb-entry

x_refsource_SECTRACK

openSUSE-SU-2016:2081

vendor-advisory

x_refsource_SUSE

http://advisories.mageia.org/MGASA-2015-0191.html

x_refsource_CONFIRM

vendor-advisory

x_refsource_MANDRIVA

http://www.squid-cache.org/Advisories/SQUID-2015_1.txt

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.