Download
| Alert*
|
oval:org.secpod.oval:def:700086
It was discovered that irssi did not perform certificate host validation when using SSL connections. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Aurelien Delaitre discovered that irssi could be made to derefer ... oval:org.secpod.oval:def:300342 Multiple vulnerabilities has been found and corrected in irssi: Irssi before 0.8.15, when SSL is used, does not verify that the server hostname matches a domain name in the subject"s Common Name field or a Subject Alternative Name field of the X.509 certificate, which allows man-in-the-middle attac ... |
