Ubuntu Update For Ubuntuone-client USN-1465-3 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1465-3

Solution

Please Install the Updated Packages.

Insight

USN-1465-1 fixed vulnerabilities in Ubuntu One Client. The update failed to install on certain Ubuntu 10.04 LTS systems that had a legacy Python 2.5 package installed. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the Ubuntu One Client incorrectly validated server certificates when using HTTPS connections. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to alter or compromise confidential information.

Affected

ubuntuone-client on Ubuntu 10.04 LTS

Severity

Classification

CVE CVE-2011-4409
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for apt-listchanges vulnerability USN-572-1
Ubuntu Update for dhcp3 vulnerability USN-803-2
Ubuntu Update for clamav vulnerabilities USN-926-1
Ubuntu Update for dhcp vulnerability USN-531-2
Ubuntu Update for bash USN-2362-1

Ubuntu Update for ubuntuone-client USN-1465-3

Take action and discover your vulnerabilities