MidnightBSD

Advisories for paul_mattes

CVE-2012-5662 MEDIUM

x3270 before 3.3.12ga12 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
paul_mattes x3270 *
paul_mattes x3270 3.3.8
paul_mattes x3270 3.3.12
paul_mattes x3270 3.3.9
paul_mattes x3270 3.3.10
paul_mattes x3270 3.3.7
paul_mattes x3270 3.3.6
paul_mattes x3270 3.3.5
paul_mattes x3270 3.3.11