| |||||||||||||
| Test ID: | 1.3.6.1.4.1.25623.1.0.800833 |
| Category: | General |
| Title: | Gizmo5 SSL Certificate Validation Security Bypass Vulnerability (Linux) |
| Summary: | Check for the Version of Gizmo5 |
| Description: | Overview: This host is installed with Gizmo5 and is prone to Security Bypass vulnerability. Vulnerability Insight: Error exists due to improper verification of SSL certificates which can be exploited by using man-in-the-middle techniques to spoof SSL certificates and redirect a user to a malicious Web site that would appear to be trusted. Impact: Successful exploitation will allow remote attackers to obtain sensitive information that could be used to launch further attacks against the victim's system. Impact Level: System/Application Affected Software/OS: Gizmo5 version 3.1.0.79 and prior on Linux Fix: No solution or patch is available as of 14th July, 2009. Information regarding this issue will be updated once the solution details are available. For updates refer to http://gizmo5.com/pc References: http://secunia.com/advisories/35628 http://xforce.iss.net/xforce/xfdb/51399 http://www.securityfocus.com/archive/1/archive/1/504572/100/0/threaded |
| Cross-Ref: |
BugTraq ID: 35508 Common Vulnerability Exposure (CVE) ID: CVE-2009-2381 Bugtraq: 20090626 Gizmo SSL Certificate Vulnerability (Google Search) http://www.securityfocus.com/archive/1/archive/1/504572/100/0/threaded http://www.securityfocus.com/bid/35508 http://secunia.com/advisories/35628 XForce ISS Database: gizmo5-ssl-security-bypass(51399) http://xforce.iss.net/xforce/xfdb/51399 |
| Copyright | Copyright (C) 2009 Greenbone Networks GmbH |
| This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |
|
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois
© 1998-2013 E-Soft Inc. All rights reserved.