CVE-2011-1428 (GCVE-0-2011-1428)

Vulnerability from cvelistv5 – Published: 2011-03-16 22:00 – Updated: 2024-09-17 02:16
VLAI
Summary
Wee Enhanced Environment for Chat (aka WeeChat) 0.3.4 and earlier does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL chat server via an arbitrary certificate, related to incorrect use of the GnuTLS API.
Severity
No CVSS data available.
CWE
  • n/a
Assigner
References
URL Tags
http://savannah.nongnu.org/patch/index.php?7459 x_refsource_CONFIRM
http://www.securityfocus.com/bid/46612 vdb-entryx_refsource_BID
http://git.savannah.gnu.org/gitweb/?p=weechat.git… x_refsource_CONFIRM
http://archives.neohapsis.com/archives/fulldisclo… mailing-listx_refsource_FULLDISC
http://secunia.com/advisories/43543 third-party-advisoryx_refsource_SECUNIA
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:28:40.998Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://savannah.nongnu.org/patch/index.php?7459"
          },
          {
            "name": "46612",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/46612"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.savannah.gnu.org/gitweb/?p=weechat.git%3Ba=commit%3Bh=c265cad1c95b84abfd4e8d861f25926ef13b5d91"
          },
          {
            "name": "20110227 weechat does not properly use gnutls and allow an attacker to bypass certificate verification",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0671.html"
          },
          {
            "name": "43543",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43543"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Wee Enhanced Environment for Chat (aka WeeChat) 0.3.4 and earlier does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL chat server via an arbitrary certificate, related to incorrect use of the GnuTLS API."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-03-16T22:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://savannah.nongnu.org/patch/index.php?7459"
        },
        {
          "name": "46612",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/46612"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.savannah.gnu.org/gitweb/?p=weechat.git%3Ba=commit%3Bh=c265cad1c95b84abfd4e8d861f25926ef13b5d91"
        },
        {
          "name": "20110227 weechat does not properly use gnutls and allow an attacker to bypass certificate verification",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0671.html"
        },
        {
          "name": "43543",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43543"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-1428",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Wee Enhanced Environment for Chat (aka WeeChat) 0.3.4 and earlier does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL chat server via an arbitrary certificate, related to incorrect use of the GnuTLS API."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://savannah.nongnu.org/patch/index.php?7459",
              "refsource": "CONFIRM",
              "url": "http://savannah.nongnu.org/patch/index.php?7459"
            },
            {
              "name": "46612",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/46612"
            },
            {
              "name": "http://git.savannah.gnu.org/gitweb/?p=weechat.git;a=commit;h=c265cad1c95b84abfd4e8d861f25926ef13b5d91",
              "refsource": "CONFIRM",
              "url": "http://git.savannah.gnu.org/gitweb/?p=weechat.git;a=commit;h=c265cad1c95b84abfd4e8d861f25926ef13b5d91"
            },
            {
              "name": "20110227 weechat does not properly use gnutls and allow an attacker to bypass certificate verification",
              "refsource": "FULLDISC",
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0671.html"
            },
            {
              "name": "43543",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43543"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-1428",
    "datePublished": "2011-03-16T22:00:00.000Z",
    "dateReserved": "2011-03-16T00:00:00.000Z",
    "dateUpdated": "2024-09-17T02:16:44.046Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2011-1428",
      "date": "2026-07-17",
      "epss": "0.01082",
      "percentile": "0.61418"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"0.3.4\", \"matchCriteriaId\": \"466274E7-1A00-43E0-858D-E7502284C211\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"385CCD88-6D19-4E74-A92F-351DA7649DAC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3FBC99DC-E5E3-414E-BA7A-EAA25B13BB66\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"077DDF91-4669-404E-A603-475FACF461B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"93F23AEF-4A8E-492E-8EA4-365F21BDFD03\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"19A374A8-5108-42D9-90BB-52DEE3B21CA4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62AB2B6A-60B2-4F59-9B42-2143802328BC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"15051829-382B-4495-B948-819A0FA427D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"37EA6810-410A-4E61-AB2D-E8281EBF6539\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.0.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0FB8EDF-52C0-4FC9-B426-76A64A0FE4E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"04B2834C-56E7-4645-87FE-48BFEC371D2A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FF61EC94-F246-4409-90F3-EE7DFC69CAF4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"550E6F5F-9097-4363-9070-570FD93C87D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CBC981A4-46CB-406F-863B-5536A8D5CB56\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B73D8DC4-6DDF-46D3-9545-CE7B247434D7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AEF20591-A0B3-4016-B5F2-1D4B545611A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.1.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4547261E-1696-4AE4-BCFB-9BCE5FD25695\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.1.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4A1EDE38-742B-42CA-AADD-90619ACA0548\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.1.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7009800C-1C58-47C7-B39E-1AE4D490AB75\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.1.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8DD0016E-DFBB-4266-BAD1-C6AC3BBA6240\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"260A912C-8415-40AC-B3CA-88CAD52D999B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"74466A06-6DAC-484E-B087-0D0EDCF05B46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"775BB9BF-C722-40C0-94C5-54E3E2F70EBC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E32350E-BA84-405B-828E-587242F65D21\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F9DC6B2-477E-41A8-801A-B2D1FD9C74A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D6ABB52B-A18E-4FEF-9D45-F03AE9A2C822\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.2.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC44B684-89A2-4A6E-8BC1-98C3C7B6A0FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.2.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD6E122F-B037-4969-A8B6-727FC137057F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.2.6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD9130CC-BB1D-4523-AE17-81FA7304D1F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.2.6.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4BFD5C8D-A60C-41A4-A960-B1FDDC9ADA66\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E5C3F77-0B77-4270-A82B-185CE85B4D2C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F0E3319D-909D-4334-96C6-67656A228C7F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.3.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3B74FE7-45EF-416A-8606-61FC0F05E76E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8FE21E59-3A2C-40A4-AE97-3EB2F8A2A509\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:flashtux:weechat:0.3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2E27C97-37BE-4BA3-9BCD-900D8DC44F58\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Wee Enhanced Environment for Chat (aka WeeChat) 0.3.4 and earlier does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL chat server via an arbitrary certificate, related to incorrect use of the GnuTLS API.\"}, {\"lang\": \"es\", \"value\": \"Wee Enhanced Environment para Chat (tambi\\u00e9n conocido como WeeChat) v0.3.4 y anteriores no comprueban de forma correcta que el nombre del servidor coincide con el nombre de dominio del campo subject de un certificado X.509, que permite a los atacantes \\\"man-in-the-middle\\\" falsificar un servidor de chat SSL a trav\\u00e9s de un certificado de su elecci\\u00f3n, relacionado con el uso incorrecto de la API GnuTLS.\"}]",
      "id": "CVE-2011-1428",
      "lastModified": "2024-11-21T01:26:17.417",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:N\", \"baseScore\": 5.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2011-03-16T22:55:04.700",
      "references": "[{\"url\": \"http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0671.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://git.savannah.gnu.org/gitweb/?p=weechat.git%3Ba=commit%3Bh=c265cad1c95b84abfd4e8d861f25926ef13b5d91\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://savannah.nongnu.org/patch/index.php?7459\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Patch\"]}, {\"url\": \"http://secunia.com/advisories/43543\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/46612\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0671.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://git.savannah.gnu.org/gitweb/?p=weechat.git%3Ba=commit%3Bh=c265cad1c95b84abfd4e8d861f25926ef13b5d91\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://savannah.nongnu.org/patch/index.php?7459\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Patch\"]}, {\"url\": \"http://secunia.com/advisories/43543\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/46612\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-1428\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2011-03-16T22:55:04.700\",\"lastModified\":\"2026-04-29T01:13:23.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Wee Enhanced Environment for Chat (aka WeeChat) 0.3.4 and earlier does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL chat server via an arbitrary certificate, related to incorrect use of the GnuTLS API.\"},{\"lang\":\"es\",\"value\":\"Wee Enhanced Environment para Chat (tambi\u00e9n conocido como WeeChat) v0.3.4 y anteriores no comprueban de forma correcta que el nombre del servidor coincide con el nombre de dominio del campo subject de un certificado X.509, que permite a los atacantes \\\"man-in-the-middle\\\" falsificar un servidor de chat SSL a trav\u00e9s de un certificado de su elecci\u00f3n, relacionado con el uso incorrecto de la API GnuTLS.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:N\",\"baseScore\":5.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.3.4\",\"matchCriteriaId\":\"466274E7-1A00-43E0-858D-E7502284C211\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"385CCD88-6D19-4E74-A92F-351DA7649DAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FBC99DC-E5E3-414E-BA7A-EAA25B13BB66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"077DDF91-4669-404E-A603-475FACF461B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93F23AEF-4A8E-492E-8EA4-365F21BDFD03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19A374A8-5108-42D9-90BB-52DEE3B21CA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62AB2B6A-60B2-4F59-9B42-2143802328BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15051829-382B-4495-B948-819A0FA427D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37EA6810-410A-4E61-AB2D-E8281EBF6539\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0FB8EDF-52C0-4FC9-B426-76A64A0FE4E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04B2834C-56E7-4645-87FE-48BFEC371D2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF61EC94-F246-4409-90F3-EE7DFC69CAF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"550E6F5F-9097-4363-9070-570FD93C87D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBC981A4-46CB-406F-863B-5536A8D5CB56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B73D8DC4-6DDF-46D3-9545-CE7B247434D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEF20591-A0B3-4016-B5F2-1D4B545611A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4547261E-1696-4AE4-BCFB-9BCE5FD25695\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A1EDE38-742B-42CA-AADD-90619ACA0548\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.1.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7009800C-1C58-47C7-B39E-1AE4D490AB75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DD0016E-DFBB-4266-BAD1-C6AC3BBA6240\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"260A912C-8415-40AC-B3CA-88CAD52D999B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74466A06-6DAC-484E-B087-0D0EDCF05B46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"775BB9BF-C722-40C0-94C5-54E3E2F70EBC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E32350E-BA84-405B-828E-587242F65D21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F9DC6B2-477E-41A8-801A-B2D1FD9C74A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6ABB52B-A18E-4FEF-9D45-F03AE9A2C822\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC44B684-89A2-4A6E-8BC1-98C3C7B6A0FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.2.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD6E122F-B037-4969-A8B6-727FC137057F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.2.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD9130CC-BB1D-4523-AE17-81FA7304D1F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.2.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BFD5C8D-A60C-41A4-A960-B1FDDC9ADA66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E5C3F77-0B77-4270-A82B-185CE85B4D2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0E3319D-909D-4334-96C6-67656A228C7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.3.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3B74FE7-45EF-416A-8606-61FC0F05E76E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FE21E59-3A2C-40A4-AE97-3EB2F8A2A509\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2E27C97-37BE-4BA3-9BCD-900D8DC44F58\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0671.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://git.savannah.gnu.org/gitweb/?p=weechat.git%3Ba=commit%3Bh=c265cad1c95b84abfd4e8d861f25926ef13b5d91\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://savannah.nongnu.org/patch/index.php?7459\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://secunia.com/advisories/43543\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/46612\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0671.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://git.savannah.gnu.org/gitweb/?p=weechat.git%3Ba=commit%3Bh=c265cad1c95b84abfd4e8d861f25926ef13b5d91\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://savannah.nongnu.org/patch/index.php?7459\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://secunia.com/advisories/43543\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/46612\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "redhat_vex": {
      "current_release_date": "2025-11-21T12:58:41+00:00",
      "cve": "CVE-2011-1428",
      "id": "CVE-2011-1428",
      "initial_release_date": "2011-02-27T00:00:00+00:00",
      "product_status:known_not_affected": "1",
      "source": "Red Hat CSAF VEX",
      "status": "final",
      "title": "weechat: improper verification of X.509 certificates can lead to MITM attacks",
      "url": "https://security.access.redhat.com/data/csaf/v2/vex/2011/cve-2011-1428.json",
      "version": "3"
    }
  }
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…