PT-2012-6096 · Paypal+3 · Paypal Payments Pro+6

David Jorm

·

Publicado

2012-11-04

·

Atualizado

2020-10-07

·

CVE-2012-5784

CVSS v2.0

5.8

Média

VetorAV:N/AC:M/Au:N/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions Apache Axis versions 1.4 and earlier
Description The issue allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate because it does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate. This affects products such as PayPal Payments Pro, PayPal Mass Pay, and PayPal Transactional Information SOAP, as well as the Java Message Service implementation in Apache ActiveMQ.
Recommendations For Apache Axis versions 1.4 and earlier, consider updating to a version that properly verifies the server hostname against the X.509 certificate to prevent SSL server spoofing. As a temporary workaround, restrict access to sensitive services utilizing Apache Axis to minimize the risk of exploitation.

Exploit

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2012-5784
DLA-169-1
GHSA-55W9-C3G2-4RRH
MGASA-2013-0200
OPENSUSE-SU-2019:1497-1
OPENSUSE-SU-2019_1497-1
OPENSUSE-SU-2019_1526-1
OPENSUSE-SU-2024:10646-1
RHSA-2013:0269
RHSA-2013:0683
RHSA-2013_0269
RHSA-2013_0683
RHSA-2014:0037
RHSA-2014:1123
SUSE-SU-2019:1373-1
SUSE-SU-2019:1373-2
SUSE-SU-2019:1382-1
SUSE-SU-2019_1373-1
SUSE-SU-2019_1373-2
SUSE-SU-2019_1382-1

Produtos afetados

Apache Activemq
Apache Axis
Paypal Mass Pay
Paypal Payments Pro
Paypal Transactional Information Soap
Red Hat
Suse