Summary
Ubuntu Update for Linux kernel vulnerabilities USN-1465-2
Solution
Please Install the Updated Packages.
Insight
USN-1465-1 fixed a vulnerability in the Ubuntu One Client. This update adds a required fix to the Ubuntu One storage protocol library.
Original advisory details:
It was discovered that the Ubuntu One Client incorrectly validated server certificates when using HTTPS connections. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to alter or compromise confidential information.
Affected
ubuntuone-storage-protocol on Ubuntu 12.04 LTS ,
Ubuntu 11.10 ,
Ubuntu 11.04 ,
Ubuntu 10.04 LTS
Severity
Classification
-
CVE CVE-2011-4409 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities