Ubuntu Update For Ubuntuone-client USN-1465-3 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1465-3

Solution

Please Install the Updated Packages.

Insight

USN-1465-1 fixed vulnerabilities in Ubuntu One Client. The update failed to install on certain Ubuntu 10.04 LTS systems that had a legacy Python 2.5 package installed. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the Ubuntu One Client incorrectly validated server certificates when using HTTPS connections. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to alter or compromise confidential information.

Affected

ubuntuone-client on Ubuntu 10.04 LTS

Severity

Classification

CVE CVE-2011-4409

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for curl USN-1158-1
Ubuntu Update for bind9 vulnerabilities USN-418-1
Ubuntu Update for eglibc USN-2328-1
Ubuntu Update for avahi vulnerabilities USN-992-1
Ubuntu Update for enscript vulnerability USN-660-1

Ubuntu Update for ubuntuone-client USN-1465-3

Take action and discover your vulnerabilities