Trillian MSN SSL Certificate Validation Security Bypass Vulnerability Network Vulnerability

Summary

This host is installed with Trillian and is prone to security bypass vulnerability.

Impact

Successful exploitation will allow attackers to perform man-in-the-middle attacks. Impact Level: Application

Solution

Upgrade to Cerulean Studios Trillian version 4.2 or later For more info refer, http://www.trillian.im/ NOTE: Ignore this warning, if it's Trillian Pro Edition

Insight

The flaw is due to improper varification of SSL certificate before sending MSN user credentials.

Affected

Cerulean Studios Trillian 3.1 Basic on windows.

References

http://secunia.com/advisories/35620
http://xforce.iss.net/xforce/xfdb/51400

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4831

CVSS	Base Score: 5.8 AV:N/AC:M/Au:N/C:P/I:P/A:N

Related Vulnerabilities

Apple Safari WebKit Information Disclosure Vulnerability (Mac OS X)
Apple iTunes Insecure Permissions Privilege Escalation Vulnerability (Mac OS X)
Apple Mac OS X Authentication Bypass Vulnerability
Apple Safari Multiple Memory Corruption Vulnerabilities-02 Aug14 (Mac OS X)
Apple Safari Multiple Vulnerabilities Dec13 (Mac OS X)

Take action and discover your vulnerabilities