20702 2009-07-07 20:11:30 +0400 Perl IO::Socket::SSL Hostname Matching Security Bypass 2010-04-24 11:14:55 +0400 1 1 4 Development Sisyphus perl-IO-Socket-SSL unstable all Linux CLOSED FIXED http://secunia.com/advisories/35703/ security P3 normal --- 1 crux viy at cas crux ender lav ldv mike qa_viy shaba viy qa-sisyphus oldest_to_newest 94352 0 crux 2009-07-07 20:11:30 +0400 A vulnerability has been reported in IO::Socket::SSL, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error within the certificate hostname matching when no wildcard was given, which can be exploited to bypass the hostname verification. Fixed in 1.26 108850 1 crux 2010-04-24 11:14:29 +0400 fixed 108851 2 crux 2010-04-24 11:14:55 +0400 closed