Oval Definition:	oval:com.ubuntu.xenial:def:20167099000
Revision Date: 2016-10-10 Version: 1 Title: CVE-2016-7099 on Ubuntu 16.04 LTS (xenial) - medium. Description: The tls.checkServerIdentity function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 does not properly handle wildcards in name fields of X.509 certificates, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. Family: unix Class: vulnerability Status: Reference(s): CVE-2016-7099 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND The 'nodejs' package in xenial is affected and needs fixing.
BACK