Ubuntu Update For Python-httplib2 USN-1948-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

It was discovered that httplib2 only validated SSL certificates on the first request to a connection, and didn't report validation failures on subsequent requests. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could possibly be exploited in certain scenarios to alter or compromise confidential information in applications that used the httplib2 library.

Affected

python-httplib2 on Ubuntu 13.04 , Ubuntu 12.10 , Ubuntu 12.04 LTS , Ubuntu 10.04 LTS

Severity

Classification

CVE CVE-2013-2037
CVSS Base Score: 2.6
AV:N/AC:H/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Ubuntu Update for cgmanager USN-2451-1
Ubuntu Update for quagga vulnerability USN-512-1
Ubuntu Update for linux-ti-omap4 USN-1993-1
Ubuntu Update for linux USN-1344-1
Ubuntu Update for libconfig-inifiles-perl USN-1543-1

Ubuntu Update for python-httplib2 USN-1948-1

Take action and discover your vulnerabilities