Launchpad CVE tracker

CVE 2011-3150

Software Center in Ubuntu 11.10, 11.04 10.10 does not properly validate server certificates, which allows remote attackers to execute arbitrary code or obtain sensitive information via a man-in-the-middle (MITM) attack.

Related bugs and status

CVE-2011-3150 (Candidate) is related to these bugs:

Bug #874242: Re: "Single sign on page doesn't look secure" --> well it isn't :>

Summary				In	Importance	Status
	874242	Re: "Single sign on page doesn't look secure" --> well it isn't :>		software-center (Ubuntu)	Critical	Fix Released
	874242	Re: "Single sign on page doesn't look secure" --> well it isn't :>		libsoup	Wishlist	Won't Fix

Bug #893247: development release of software-center failed to open

Summary				In	Importance	Status
	893247	development release of software-center failed to open		software-center (Ubuntu)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

UBUNTU: USN-1270-1
BID: 50754
SECUNIA: 46950
XF: ubuntu-certificate-sec...

Launchpad.net

CVE 2011-3150

Related bugs and status

Related bugs

References