Ubuntu USN-829-1 (qt4-x11) Network Vulnerability

Summary

The remote host is missing an update to qt4-x11 announced via advisory USN-829-1.

Solution

The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: libqt4-core 4.3.4-0ubuntu3.1 Ubuntu 8.10: libqt4-network 4.4.3-0ubuntu1.3 Ubuntu 9.04: libqt4-network 4.5.0-0ubuntu4.2 After a standard system upgrade you need to restart your session to effect the necessary changes. https://secure1.securityspace.com/smysecure/catid.html?in=USN-829-1

Insight

It was discovered that Qt did not properly handle certificates with NULL characters in the Subject Alternative Name field of X.509 certificates. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. (CVE-2009-2700)

Severity

Classification

CVE CVE-2009-2700

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Ubuntu Update for ceilometer USN-2311-2
Ubuntu Update for cinder USN-2208-1
Ubuntu Update for cinder USN-2248-1
Ubuntu Update for compiz-fusion-plugins-main vulnerability USN-688-1
Ubuntu Update for curl USN-1894-1

Take action and discover your vulnerabilities