CVE-2011-1428

Current Description

Wee Enhanced Environment for Chat (aka WeeChat) 0.3.4 and earlier does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL chat server via an arbitrary certificate, related to incorrect use of the GnuTLS API.

Basic Data

PublishedMarch 16, 2011
Last ModifiedMarch 22, 2011
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeCWE-20
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:M/Au:N/C:P/I:P/A:N
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityMEDIUM
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactPARTIAL
CVSS 2 - Availability ImpactNONE
CVSS 2 - Base Score5.8
SeverityMEDIUM
Exploitability Score8.6
Impact Score4.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationFlashtuxWeechat0.0.1*******
    2.3ApplicationFlashtuxWeechat0.0.2*******
    2.3ApplicationFlashtuxWeechat0.0.3*******
    2.3ApplicationFlashtuxWeechat0.0.4*******
    2.3ApplicationFlashtuxWeechat0.0.5*******
    2.3ApplicationFlashtuxWeechat0.0.6*******
    2.3ApplicationFlashtuxWeechat0.0.7*******
    2.3ApplicationFlashtuxWeechat0.0.8*******
    2.3ApplicationFlashtuxWeechat0.0.9*******
    2.3ApplicationFlashtuxWeechat0.1.0*******
    2.3ApplicationFlashtuxWeechat0.1.1*******
    2.3ApplicationFlashtuxWeechat0.1.2*******
    2.3ApplicationFlashtuxWeechat0.1.3*******
    2.3ApplicationFlashtuxWeechat0.1.4*******
    2.3ApplicationFlashtuxWeechat0.1.5*******
    2.3ApplicationFlashtuxWeechat0.1.6*******
    2.3ApplicationFlashtuxWeechat0.1.7*******
    2.3ApplicationFlashtuxWeechat0.1.8*******
    2.3ApplicationFlashtuxWeechat0.1.9*******
    2.3ApplicationFlashtuxWeechat0.2.0*******
    2.3ApplicationFlashtuxWeechat0.2.1*******
    2.3ApplicationFlashtuxWeechat0.2.2*******
    2.3ApplicationFlashtuxWeechat0.2.3*******
    2.3ApplicationFlashtuxWeechat0.2.4*******
    2.3ApplicationFlashtuxWeechat0.2.5*******
    2.3ApplicationFlashtuxWeechat0.2.6*******
    2.3ApplicationFlashtuxWeechat0.2.6.1*******
    2.3ApplicationFlashtuxWeechat0.2.6.2*******
    2.3ApplicationFlashtuxWeechat0.2.6.3*******
    2.3ApplicationFlashtuxWeechat0.3.0*******
    2.3ApplicationFlashtuxWeechat0.3.1*******
    2.3ApplicationFlashtuxWeechat0.3.1.1*******
    2.3ApplicationFlashtuxWeechat0.3.2*******
    2.3ApplicationFlashtuxWeechat0.3.3*******
    2.3ApplicationFlashtuxWeechat********0.3.4

Vulnerable Software List

VendorProductVersions
Flashtux Weechat *, 0.0.1, 0.0.2, 0.0.3, 0.0.4, 0.0.5, 0.0.6, 0.0.7, 0.0.8, 0.0.9, 0.1.0, 0.1.1, 0.1.2, 0.1.3, 0.1.4, 0.1.5, 0.1.6, 0.1.7, 0.1.8, 0.1.9, 0.2.0, 0.2.1, 0.2.2, 0.2.3, 0.2.4, 0.2.5, 0.2.6, 0.2.6.1, 0.2.6.2, 0.2.6.3, 0.3.0, 0.3.1, 0.3.1.1, 0.3.2, 0.3.3

References

NameSourceURLTags
20110227 weechat does not properly use gnutls and allow an attacker to bypass certificate verificationhttp://archives.neohapsis.com/archives/fulldisclosure/2011-02/0671.htmlFULLDISCExploit
http://git.savannah.gnu.org/gitweb/?p=weechat.git;a=commit;h=c265cad1c95b84abfd4e8d861f25926ef13b5d91http://git.savannah.gnu.org/gitweb/?p=weechat.git;a=commit;h=c265cad1c95b84abfd4e8d861f25926ef13b5d9CONFIRMPatch
http://savannah.nongnu.org/patch/index.php?7459http://savannah.nongnu.org/patch/index.php?7459CONFIRMExploit Patch
43543http://secunia.com/advisories/43543SECUNIAVendor Advisory
46612http://www.securityfocus.com/bid/46612BID