Scientific Linux Security Update : axis on SL5.x i386/x86_64
Medium Nessus Plugin ID 65679
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionApache Axis did not verify that the server hostname matched the domain name in the subject's Common Name (CN) or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name. (CVE-2012-5784)
Applications using Apache Axis must be restarted for this update to take effect.
SolutionUpdate the affected packages.