Test ID:	1.3.6.1.4.1.25623.1.0.841551
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-1948-1)
Summary:	The remote host is missing an update for the 'python-httplib2' package(s) announced via the USN-1948-1 advisory.
Description:	Summary: The remote host is missing an update for the 'python-httplib2' package(s) announced via the USN-1948-1 advisory. Vulnerability Insight: It was discovered that httplib2 only validated SSL certificates on the first request to a connection, and didn't report validation failures on subsequent requests. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could possibly be exploited in certain scenarios to alter or compromise confidential information in applications that used the httplib2 library. Affected Software/OS: 'python-httplib2' package(s) on Ubuntu 10.04, Ubuntu 12.04, Ubuntu 12.10, Ubuntu 13.04. Solution: Please install the updated package(s). CVSS Score: 2.6 CVSS Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2037 52179 http://www.securityfocus.com/bid/52179 USN-1948-1 http://www.ubuntu.com/usn/USN-1948-1 [oss-security] 20130501 Re: CVE Request: httplib2 ssl cert incorrect error handling http://seclists.org/oss-sec/2013/q2/257 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706602 http://code.google.com/p/httplib2/issues/detail?id=282 https://bugs.launchpad.net/httplib2/+bug/1175272
Copyright	Copyright (C) 2013 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.