Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:32585
HistoryOct 25, 2015 - 12:00 a.m.

[SECURITY] [DSA 3363-1] owncloud-client security update

2015-10-2500:00:00
vulners.com
37
JSON

Debian Security Advisory DSA-3363-1 [email protected]
https://www.debian.org/security/ Luciano Bello
September 20, 2015 https://www.debian.org/security/faq

Package : owncloud-client
CVE ID : CVE-2015-4456

Johannes Kliemann discovered a vulnerability in ownCloud Desktop Client,
the client-side of the ownCloud file sharing services. The vulnerability
allows man-in-the-middle attacks in situations where the server is using
self-signed certificates and the connection is already established. If
the user in the client side manually distrusts the new certificate, the
file syncing will continue using the malicious server as valid.

For the stable distribution (jessie), this problem has been fixed in
version 1.7.0~beta1+really1.6.4+dfsg-1+deb8u1.

For the testing distribution (stretch), this problem has been fixed
in version 1.8.4+dfsg-1.

For the unstable distribution (sid), this problem has been fixed in
version 1.8.4+dfsg-1.

We recommend that you upgrade your owncloud-client packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

Related

debian 2
owncloud 6
prion 2
ubuntucve 2
cve 2
mageia 1
openvas 3
nessus 1
securityvulns 1
debiancve 2
debian
debian
[SECURITY] [DSA 3363-1] owncloud-client security update
2015-09-20 10:29:13
[SECURITY] [DSA 3363-1] owncloud-client security update
2015-09-20 10:29:13
owncloud
owncloud
Improper validation of certificates when using self-signed certificates 1.8.2
2015-06-08 00:00:00
Desktop Client: Improper validation of certificates when using self-signed certificates
2015-06-08 19:40:26
Improper validation of certificates when using self-signed certificates - ownCloud
2015-06-08 11:42:12
prion
prion
Design/Logic Flaw
2015-10-26 14:59:00
Design/Logic Flaw
2015-10-26 14:59:00
ubuntucve
ubuntucve
CVE-2015-4456
2015-10-26 00:00:00
CVE-2015-7298
2015-10-26 00:00:00
cve
cve
CVE-2015-4456
2015-10-26 14:59:00
CVE-2015-7298
2015-10-26 14:59:00
mageia
mageia
Updated owncloud-client package fixes security vulnerability
2015-07-05 20:22:03
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0256)
2015-10-15 00:00:00
Debian Security Advisory DSA 3363-1 (owncloud-client - security update)
2015-09-20 00:00:00
Debian: Security Advisory (DSA-3363-1)
2015-09-19 00:00:00
nessus
nessus
Debian DSA-3363-1 : owncloud-client - security update
2015-09-21 00:00:00
securityvulns
securityvulns
owncloud client server spoofing
2015-10-25 00:00:00
debiancve
debiancve
CVE-2015-4456
2015-10-26 14:59:00
CVE-2015-7298
2015-10-26 14:59:00
JSON
Related for SECURITYVULNS:DOC:32585
debian2owncloud6prion2ubuntucve2cve2mageia1openvas3nessus1securityvulns1debiancve2