Ubuntu
proxytunnel package

Proxytunnel doesn't check if certificate is valid

Bug #1814774 reported by Peter Listiak
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
proxytunnel (Ubuntu)
New
Undecided
Unassigned

Bug Description

Proxytunnel 1.9.0+svn250-6 as well as 1.9.0+svn250-6build1, doesn't check valid of ssl certificate if parameter -e (SSL encrypt data between local proxy and destination) is used. It means that somebody could start MITM attack. It is already solved in upstream as you can see here - https://github.com/proxytunnel/proxytunnel/commit/5a7692f28f536108acea5b5efc129e14c9c383ca.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.