Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2011-4968

Published: 19 November 2019

nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM)

Notes

AuthorNote
seth-arnold
Backporting this fix is non-trivial and may break deployed
applications. Someone who really wanted this could use stunnel as a
work-around until 16.04 LTS is released.

Priority

Low

CVSS 3 base score: 4.8

Status

Package Release Status
nginx
Launchpad, Ubuntu, Debian
hardy Ignored
(reached end-of-life)
lucid Ignored
(reached end-of-life)
oneiric Ignored
(reached end-of-life)
precise Ignored
(see notes)
quantal Ignored
(reached end-of-life)
raring Ignored
(reached end-of-life)
saucy Ignored
(reached end-of-life)
trusty Ignored
(see notes)
upstream
Released (1.7.0)
utopic Ignored
(reached end-of-life)
vivid Ignored
(see notes)
Patches:
upstream: http://trac.nginx.org/nginx/changeset/060c2e692b96a150b584b8e30d596be1f2defa9c/nginx