Oval Definition:	oval:com.ubuntu.precise:def:20137449000
Revision Date: 2016-04-21 Version: 1 Title: CVE-2013-7449 on Ubuntu 12.04 LTS (precise) - medium. Description: The ssl_do_connect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. Family: unix Class: vulnerability Status: Reference(s): CVE-2013-7449 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND Package Information The vulnerability of the 'xchat' package in precise is not known (status: 'needs-triage'). It is pending evaluation. OR The 'xchat-gnome' package in precise was vulnerable but has been fixed (note: '1:0.30.0~git20110821.e2a400-0.2ubuntu4.3').
BACK