CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-06-04 09:48:02 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
183d1f8677d424ca51cab102bc615f8bcebb511d
CVEs-PoC/2013/CVE-2013-6422.md
T
0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33
2024-06-09 00:33:16 +00:00

880 B
Raw Blame History

CVE-2013-6422

Description

The GnuTLS backend in libcurl 7.21.4 through 7.33.0, when disabling digital signature verification (CURLOPT_SSL_VERIFYPEER), also disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM) attacks.

POC

Reference

Github

No PoCs found on GitHub currently.

Reference in New Issue View Git Blame Copy Permalink