Weechat · Weechat · CVE-2011-1428
**Name of the Vulnerable Software and Affected Versions**
Wee Enhanced Environment for Chat (aka WeeChat) versions 0.3.4 and earlier
**Description**
WeeChat does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, because it uses the GnuTLS API incorrectly. This allows man-in-the-middle attackers to spoof an SSL chat server with an arbitrary certificate.
**Recommendations**
For Wee Enhanced Environment for Chat (aka WeeChat) versions 0.3.4 and earlier, update to a version that properly verifies the server hostname against the domain name of the X.509 certificate subject.
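The acceptance decision described above, flawed and corrected, as an added example that is not WeeChat's or GnuTLS's code. It models the certificate with a hypothetical `struct peer_cert` and constructed names instead of calling GnuTLS, and its wildcard rule (one leftmost label) is a simplifying assumption.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Hypothetical model of a peer certificate; not a GnuTLS type. */
struct peer_cert {
    bool chain_trusted;    /* chain validated against the trusted CA store */
    const char *names[4];  /* DNS names the certificate was issued for */
    size_t n_names;
};

/* Assumed rule: a leading "*." stands for exactly one leftmost label. */
static bool name_matches(const char *pattern, const char *host)
{
    if (strncmp(pattern, "*.", 2) != 0)
        return strcasecmp(pattern, host) == 0;
    const char *dot = strchr(host, '.');
    return dot != NULL && dot != host && strcasecmp(pattern + 1, dot) == 0;
}

/* Flawed decision: the hostname the user connected to is never consulted. */
bool accept_chain_only(const struct peer_cert *c, const char *host)
{
    (void)host;
    return c->chain_trusted;
}

/* Corrected decision: trusted chain AND a certificate name matching the host. */
bool accept_with_hostname(const struct peer_cert *c, const char *host)
{
    if (!c->chain_trusted || host == NULL || *host == '\0')
        return false;
    for (size_t i = 0; i < c->n_names; i++)
        if (name_matches(c->names[i], host))
            return true;
    return false;
}

/* Constructed data: both certificates chain to a trusted CA. */
const struct peer_cert other_site = { true, { "www.unrelated.example" }, 1 };
const struct peer_cert chat_site = { true, { "*.chat.example", "chat.example" }, 2 };

int main(void)
{
    printf("chain only: %d, with hostname: %d\n",
           accept_chain_only(&other_site, "irc.chat.example"),
           accept_with_hostname(&other_site, "irc.chat.example"));
    return 0;
}
```

In code that uses GnuTLS, the name comparison is available as `gnutls_x509_crt_check_hostname`, called in addition to chain verification.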