Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Wee Enhanced Environment for Chat (aka WeeChat) 0.3.4 and earlier does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL chat server via an arbitrary certificate, related to incorrect use of the GnuTLS API.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Flashtux WeeChat SSL证书验证安全漏洞
Vulnerability Description
WeeChat(Wee Enhanced Environment for Chat)是一款高效的轻型IRC聊天客户端。 Wee Enhanced Environment for Chat(又名WeeChat)0.3.4及之前版本没有对服务器主机名称与X.509证书主题域名的匹配进行正确验证。中间人攻击者可以借助任意证书欺骗SSL聊天服务器。该漏洞与GnuTLS API的不正确使用有关。
CVSS Information
N/A
Vulnerability Type
N/A