Published: 12/04/2018 Updated: 22/04/2019

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

rhnreg_ks in Red Hat Network Client Tools (aka rhn-client-tools) on Red Hat Gluster Storage 2.1 and Enterprise Linux (RHEL) 5, 6, and 7 does not properly validate hostnames in X.509 certificates from SSL servers, which allows remote malicious users to prevent system registration via a man-in-the-middle attack.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat rhn-client-tools

Debian Bug report logs - #779817 rhn-client-tools: CVE-2015-1777 Package: rhn-client-tools; Maintainer for rhn-client-tools is Bernd Zeimetz <bzed@debianorg>; Source for rhn-client-tools is src:rhn-client-tools (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Thu, 5 Mar 2015 07:03:01 UTC ...

rhnreg_ks in Red Hat Network Client Tools (aka rhn-client-tools) on Red Hat Gluster Storage 21 and Enterprise Linux (RHEL) 5, 6, and 7 does not properly validate hostnames in X509 certificates from SSL servers, which allows remote attackers to prevent system registration via a man-in-the-middle attack ...

CWE-295 https://bugzilla.redhat.com/show_bug.cgi?id=1198740 http://www.securityfocus.com/bid/72943 http://www.openwall.com/lists/oss-security/2015/03/04/7 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779817 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-1777

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect