Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2008-3746 CVE-2009-2474

Joe Orton discovered that neon did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

The problem can be corrected by updating your system to the following package versions:

Source

21 September 2009

neon, neon27 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

Ubuntu 9.04
Ubuntu 8.10
Ubuntu 8.04 LTS
Ubuntu 6.06 LTS

Software Description

neon27
neon

Details

Joe Orton discovered that neon did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 9.04: libneon27 - 0.28.2-6.1ubuntu0.1; libneon27-gnutls - 0.28.2-6.1ubuntu0.1
Ubuntu 8.10: libneon27 - 0.28.2-2ubuntu0.1; libneon27-gnutls - 0.28.2-2ubuntu0.1
Ubuntu 8.04 LTS: libneon27 - 0.27.2-1ubuntu0.1; libneon27-gnutls - 0.27.2-1ubuntu0.1
Ubuntu 6.06 LTS: libneon25 - 0.25.5.dfsg-5ubuntu0.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system upgrade is sufficient to effect the necessary changes.

References

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

neon, neon27 vulnerabilities

neon, neon27 vulnerabilities

Software Description

Details

Update instructions

References

Vulmon Search

About

Products

Connect