FreeBSD : libcloud -- possible SSL MITM due to invalid regexp used to validate target server hostname (a14dee30-e3d7-11e1-a084-50e5492bd3dc)
Medium Nessus Plugin ID 61503
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionThe libcloud development team reports :
When establishing a secure (SSL / TLS) connection to a target server an invalid regular expression has been used for performing the hostname verification. Subset instead of the full target server hostname has been marked an an acceptable match for the given hostname. For example, certificate with a hostname field of 'aexample.com' was considered a valid certificate for domain 'example.com'.
SolutionUpdate the affected package.