Candidate: CVE-2013-0289
PublicDate: 2014-05-23 14:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0289
Description:
 Isync 0.4 before 1.0.6, does not verify that the server hostname matches a
 domain name in the subject's Common Name (CN) or subjectAltName field of the
 X.509 certificate, which allows man-in-the-middle attackers to spoof SSL
 servers via an arbitrary valid certificate.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:

Patches_isync:
 upstream: http://isync.git.sourceforge.net/git/gitweb.cgi?p=isync/isync;a=patch;h=914ede18664980925628a9ed2a73ad05f85aeedb
upstream_isync: released (1.0.4-2.2)
hardy_isync: ignored (reached end-of-life)
lucid_isync: ignored (reached end-of-life)
oneiric_isync: ignored (reached end-of-life)
precise_isync: ignored (reached end-of-life)
precise/esm_isync: DNE (precise was needed)
quantal_isync: ignored (reached end-of-life)
raring_isync: ignored (reached end-of-life)
saucy_isync: ignored (reached end-of-life)
trusty_isync: not-affected (1.1.0-2)
trusty/esm_isync: DNE (trusty was not-affected [1.1.0-2])
utopic_isync: ignored (reached end-of-life)
vivid_isync: ignored (reached end-of-life)
vivid/stable-phone-overlay_isync: DNE
vivid/ubuntu-core_isync: DNE
wily_isync: ignored (reached end-of-life)
xenial_isync: not-affected (1.1.0-2)
yakkety_isync: ignored (reached end-of-life)
zesty_isync: ignored (reached end-of-life)
artful_isync: ignored (reached end-of-life)
bionic_isync: not-affected (1.1.0-2)
cosmic_isync: not-affected (1.1.0-2)
devel_isync: not-affected (1.1.0-2)