CVE-2011-1428

N/A Unknown
Published: March 16, 2011 Modified: April 29, 2026
View on NVD

Description

Wee Enhanced Environment for Chat (aka WeeChat) 0.3.4 and earlier does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL chat server via an arbitrary certificate, related to incorrect use of the GnuTLS API.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0671.html
Source: cve@mitre.org
Exploit
http://git.savannah.gnu.org/gitweb/?p=weechat.git%3Ba=commit%3Bh=c265cad1c95b84abfd4e8d861f25926ef13b5d91
Source: cve@mitre.org
http://savannah.nongnu.org/patch/index.php?7459
Source: cve@mitre.org
Exploit Patch
http://secunia.com/advisories/43543
Source: cve@mitre.org
Vendor Advisory
http://www.securityfocus.com/bid/46612
Source: cve@mitre.org
http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0671.html
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
http://git.savannah.gnu.org/gitweb/?p=weechat.git%3Ba=commit%3Bh=c265cad1c95b84abfd4e8d861f25926ef13b5d91
Source: af854a3a-2127-422b-91ae-364da2661108
http://savannah.nongnu.org/patch/index.php?7459
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Patch
http://secunia.com/advisories/43543
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/46612
Source: af854a3a-2127-422b-91ae-364da2661108

10 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
1.1%
61th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-20

Affected Vendors

flashtux

Related CVEs

CVE-2026-40941 N/A
CVE-2026-40084 6.5
CVE-2026-40083 7.2
CVE-2026-40082 5.4
CVE-2026-40080 6.1