Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=homepage-ng.git;a=commitdiff;h=1f3fa7fc968c35121b3c6b9f36b89cacf9a195ef
commit 1f3fa7fc968c35121b3c6b9f36b89cacf9a195ef Author: Miklos Vajna <vmik...@frugalware.org> Date: Wed Mar 31 18:47:08 2010 +0200 FSA649-amsn diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml index b1bffcc..32cd44e 100644 --- a/frugalware/xml/security.xml +++ b/frugalware/xml/security.xml @@ -26,6 +26,18 @@ <fsas> <fsa> + <id>649</id> + <date>2010-03-31</date> + <author>Miklos Vajna</author> + <package>amsn</package> + <vulnerable>0.98.1-1</vulnerable> + <unaffected>0.98.1-2locris1</unaffected> + <bts>http://bugs.frugalware.org/task/4161</bts> + <cve>No CVE, see http://seclists.org/bugtraq/2009/Jun/239.</cve> + <desc>Gabriel Menezes Nunes has discovered a security issue in aMSN, which can be exploited by malicious people to conduct spoofing attacks. + The security issue is caused due to the application improperly verifying the validity of the SSL certificate presented when logging in. This can be exploited to spoof a valid server and obtain the user's MSN username and password via e.g. a man-in-the-middle attack. </desc> + </fsa> + <fsa> <id>648</id> <date>2010-03-30</date> <author>Miklos Vajna</author> _______________________________________________ Frugalware-git mailing list Frugalware-git@frugalware.org http://frugalware.org/mailman/listinfo/frugalware-git