MidnightBSD

Advisories for jean-paul_calderone

CVE-2013-4314 MEDIUM

The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.10
jean-paul_calderone pyopenssl *
jean-paul_calderone pyopenssl 0.9
jean-paul_calderone pyopenssl 0.8
jean-paul_calderone pyopenssl 0.12
canonical ubuntu_linux 12.04
jean-paul_calderone pyopenssl 0.7
jean-paul_calderone pyopenssl 0.10
canonical ubuntu_linux 13.04
canonical ubuntu_linux 10.04
jean-paul_calderone pyopenssl 0.11