CVE-2011-1428 (GCVE-0-2011-1428)
Vulnerability from cvelistv5 – Published: 2011-03-16 22:00 – Updated: 2024-09-17 02:16
VLAI
EPSS
VEX
Summary
Wee Enhanced Environment for Chat (aka WeeChat) 0.3.4 and earlier does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL chat server via an arbitrary certificate, related to incorrect use of the GnuTLS API.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://savannah.nongnu.org/patch/index.php?7459 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/46612 | vdb-entryx_refsource_BID |
| http://git.savannah.gnu.org/gitweb/?p=weechat.git… | x_refsource_CONFIRM |
| http://archives.neohapsis.com/archives/fulldisclo… | mailing-listx_refsource_FULLDISC |
| http://secunia.com/advisories/43543 | third-party-advisoryx_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:28:40.998Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://savannah.nongnu.org/patch/index.php?7459"
},
{
"name": "46612",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46612"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.savannah.gnu.org/gitweb/?p=weechat.git%3Ba=commit%3Bh=c265cad1c95b84abfd4e8d861f25926ef13b5d91"
},
{
"name": "20110227 weechat does not properly use gnutls and allow an attacker to bypass certificate verification",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0671.html"
},
{
"name": "43543",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43543"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Wee Enhanced Environment for Chat (aka WeeChat) 0.3.4 and earlier does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL chat server via an arbitrary certificate, related to incorrect use of the GnuTLS API."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-03-16T22:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://savannah.nongnu.org/patch/index.php?7459"
},
{
"name": "46612",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46612"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.savannah.gnu.org/gitweb/?p=weechat.git%3Ba=commit%3Bh=c265cad1c95b84abfd4e8d861f25926ef13b5d91"
},
{
"name": "20110227 weechat does not properly use gnutls and allow an attacker to bypass certificate verification",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0671.html"
},
{
"name": "43543",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43543"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1428",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Wee Enhanced Environment for Chat (aka WeeChat) 0.3.4 and earlier does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL chat server via an arbitrary certificate, related to incorrect use of the GnuTLS API."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://savannah.nongnu.org/patch/index.php?7459",
"refsource": "CONFIRM",
"url": "http://savannah.nongnu.org/patch/index.php?7459"
},
{
"name": "46612",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46612"
},
{
"name": "http://git.savannah.gnu.org/gitweb/?p=weechat.git;a=commit;h=c265cad1c95b84abfd4e8d861f25926ef13b5d91",
"refsource": "CONFIRM",
"url": "http://git.savannah.gnu.org/gitweb/?p=weechat.git;a=commit;h=c265cad1c95b84abfd4e8d861f25926ef13b5d91"
},
{
"name": "20110227 weechat does not properly use gnutls and allow an attacker to bypass certificate verification",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0671.html"
},
{
"name": "43543",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43543"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1428",
"datePublished": "2011-03-16T22:00:00.000Z",
"dateReserved": "2011-03-16T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:16:44.046Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2011-1428",
"date": "2026-07-18",
"epss": "0.01082",
"percentile": "0.61432"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2011-1428\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2011-03-16T22:55:04.700\",\"lastModified\":\"2026-04-29T01:13:23.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Wee Enhanced Environment for Chat (aka WeeChat) 0.3.4 and earlier does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL chat server via an arbitrary certificate, related to incorrect use of the GnuTLS API.\"},{\"lang\":\"es\",\"value\":\"Wee Enhanced Environment para Chat (tambi\u00e9n conocido como WeeChat) v0.3.4 y anteriores no comprueban de forma correcta que el nombre del servidor coincide con el nombre de dominio del campo subject de un certificado X.509, que permite a los atacantes \\\"man-in-the-middle\\\" falsificar un servidor de chat SSL a trav\u00e9s de un certificado de su elecci\u00f3n, relacionado con el uso incorrecto de la API GnuTLS.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:N\",\"baseScore\":5.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.3.4\",\"matchCriteriaId\":\"466274E7-1A00-43E0-858D-E7502284C211\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"385CCD88-6D19-4E74-A92F-351DA7649DAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FBC99DC-E5E3-414E-BA7A-EAA25B13BB66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"077DDF91-4669-404E-A603-475FACF461B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93F23AEF-4A8E-492E-8EA4-365F21BDFD03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19A374A8-5108-42D9-90BB-52DEE3B21CA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62AB2B6A-60B2-4F59-9B42-2143802328BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15051829-382B-4495-B948-819A0FA427D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37EA6810-410A-4E61-AB2D-E8281EBF6539\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0FB8EDF-52C0-4FC9-B426-76A64A0FE4E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04B2834C-56E7-4645-87FE-48BFEC371D2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF61EC94-F246-4409-90F3-EE7DFC69CAF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"550E6F5F-9097-4363-9070-570FD93C87D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBC981A4-46CB-406F-863B-5536A8D5CB56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B73D8DC4-6DDF-46D3-9545-CE7B247434D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEF20591-A0B3-4016-B5F2-1D4B545611A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4547261E-1696-4AE4-BCFB-9BCE5FD25695\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A1EDE38-742B-42CA-AADD-90619ACA0548\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.1.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7009800C-1C58-47C7-B39E-1AE4D490AB75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DD0016E-DFBB-4266-BAD1-C6AC3BBA6240\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"260A912C-8415-40AC-B3CA-88CAD52D999B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74466A06-6DAC-484E-B087-0D0EDCF05B46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"775BB9BF-C722-40C0-94C5-54E3E2F70EBC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E32350E-BA84-405B-828E-587242F65D21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F9DC6B2-477E-41A8-801A-B2D1FD9C74A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6ABB52B-A18E-4FEF-9D45-F03AE9A2C822\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC44B684-89A2-4A6E-8BC1-98C3C7B6A0FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.2.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD6E122F-B037-4969-A8B6-727FC137057F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.2.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD9130CC-BB1D-4523-AE17-81FA7304D1F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.2.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BFD5C8D-A60C-41A4-A960-B1FDDC9ADA66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E5C3F77-0B77-4270-A82B-185CE85B4D2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0E3319D-909D-4334-96C6-67656A228C7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.3.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3B74FE7-45EF-416A-8606-61FC0F05E76E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FE21E59-3A2C-40A4-AE97-3EB2F8A2A509\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flashtux:weechat:0.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2E27C97-37BE-4BA3-9BCD-900D8DC44F58\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0671.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://git.savannah.gnu.org/gitweb/?p=weechat.git%3Ba=commit%3Bh=c265cad1c95b84abfd4e8d861f25926ef13b5d91\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://savannah.nongnu.org/patch/index.php?7459\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://secunia.com/advisories/43543\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/46612\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0671.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://git.savannah.gnu.org/gitweb/?p=weechat.git%3Ba=commit%3Bh=c265cad1c95b84abfd4e8d861f25926ef13b5d91\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://savannah.nongnu.org/patch/index.php?7459\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://secunia.com/advisories/43543\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/46612\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"redhat_vex": {
"current_release_date": "2025-11-21T12:58:41+00:00",
"cve": "CVE-2011-1428",
"id": "CVE-2011-1428",
"initial_release_date": "2011-02-27T00:00:00+00:00",
"product_status:known_not_affected": "1",
"source": "Red Hat CSAF VEX",
"status": "final",
"title": "weechat: improper verification of X.509 certificates can lead to MITM attacks",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2011/cve-2011-1428.json",
"version": "3"
}
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…