Python rhn-setup CVE-2015-1777 SSL Certificate Validation Security Bypass Vulnerability

Python rhn-setup is prone to a security-bypass vulnerability.

Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks.


Bugtraq ID: 72943
Class: Design Error
CVE: CVE-2015-1777

Remote: Yes
Local: No
Published: Mar 04 2015 12:00AM
Updated: Mar 04 2015 12:00AM
Credit: Jan Bee of the Google Security.
Vulnerable: python rhn-setup 0

Not Vulnerable:


An attacker can use readily available tools to exploit this issue.

Related Posts