CVE-2011-4409
Published: 6 June 2012
The Ubuntu One Client for Ubuntu 10.04 LTS, 11.04, 11.10, and 12.04 LTS does not properly validate SSL certificates, which allows remote attackers to spoof a server and modify or read sensitive information via a man-in-the-middle (MITM) attack.
Priority
Status
Package | Release | Status |
---|---|---|
ubuntuone-client Launchpad, Ubuntu, Debian |
upstream |
Needs triage
|
hardy |
Does not exist
|
|
lucid |
Released
(1.2.2-0ubuntu2.2)
|
|
natty |
Released
(1.6.2-0ubuntu2.1)
|
|
oneiric |
Released
(2.0.1-0ubuntu1.1)
|
|
precise |
Released
(3.0.0-0ubuntu1.1)
|
|
ubuntuone-storage-protocol Launchpad, Ubuntu, Debian |
upstream |
Needs triage
|
hardy |
Does not exist
|
|
lucid |
Released
(1.2.0-0ubuntu1.1)
|
|
natty |
Released
(1.6.1-0ubuntu1.2)
|
|
oneiric |
Released
(2.0.1-0ubuntu1.1)
|
|
precise |
Released
(3.0.0-0ubuntu1.1)
|