Test ID:	1.3.6.1.4.1.25623.1.0.100934
Category:	General
Title:	Perl IO::Socket::SSL 'verify_mode' Security Bypass Vulnerability
Summary:	The IO::Socket::SSL module for Perl is prone to a security-; bypass vulnerability.
Description:	Summary: The IO::Socket::SSL module for Perl is prone to a security- bypass vulnerability. Vulnerability Impact: Successfully exploiting this issue allows attackers to bypass certain security restrictions, which may aid in spoofing attacks. Affected Software/OS: Versions prior to 1.35 are vulnerable. Solution: Updates are available. Please see the references for more information. CVSS Score: 4.0 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-4334 42508 http://secunia.com/advisories/42508 42757 http://secunia.com/advisories/42757 45189 http://www.securityfocus.com/bid/45189 69626 http://osvdb.org/69626 FEDORA-2010-19054 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052594.html FEDORA-2010-19058 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052601.html MDVSA-2011:092 http://www.mandriva.com/security/advisories?name=MDVSA-2011:092 [oss-security] 20101209 Re: CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo http://www.openwall.com/lists/oss-security/2010/12/09/8 [oss-security] 20101224 IO::Socket::SSL perl module: CVE-2010-4501/CVE-2010-4334 dupe http://www.openwall.com/lists/oss-security/2010/12/24/1 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606058 http://cpansearch.perl.org/src/SULLR/IO-Socket-SSL-1.35/Changes
Copyright	Copyright (C) 2010 Greenbone Networks GmbH

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.