|Title:||Gizmo5 SSL Certificate Validation Security Bypass Vulnerability (Linux)|
|Summary:||Check for the Version of Gizmo5|
This host is installed with Gizmo5 and is prone to Security Bypass
Error exists due to improper verification of SSL certificates which can be
exploited by using man-in-the-middle techniques to spoof SSL certificates
and redirect a user to a malicious Web site that would appear to be trusted.
Successful exploitation will allow remote attackers to obtain sensitive
information that could be used to launch further attacks against the victim's
Impact Level: System/Application
Gizmo5 version 220.127.116.11 and prior on Linux
No solution or patch is available as of 14th July, 2009. Information
regarding this issue will be updated once the solution details are available.
For updates refer to http://gizmo5.com/pc
BugTraq ID: 35508|
Common Vulnerability Exposure (CVE) ID: CVE-2009-2381
Bugtraq: 20090626 Gizmo SSL Certificate Vulnerability (Google Search)
XForce ISS Database: gizmo5-ssl-security-bypass(51399)
|Copyright||Copyright (C) 2009 Greenbone Networks GmbH|
|This is only one of 40605 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.