KDE 3.0.3 fixes X.509 certificate check vulnerability
Package(s):
kde
CVE #(s):
Created:
September 4, 2002
Updated:
September 11, 2002
Description:
The SSL implementation used by previous version of KDE
accepted, without alerting the user, any X.509 certificate signed
by any entity under specific conditions.
This bug allows
"for undetected MITM attacks ("man in the mittle"), which
could compromise an encrypted HTTPS session."