CVE 2014-7202
stream_engine.cpp in libzmq (aka ZeroMQ/C++)) 4.0.5 before 4.0.5 allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request.
See the 
CVE page on Mitre.org
for more details.
Launchpad.net
References
- MLIST: [oss-security] 2014092...
- MLIST: [oss-security] 2014092...
- CONFIRM: https://github.com/zer...
- BID: 70157
- SUSE: openSUSE-SU-2014:1381
- SUSE: openSUSE-SU-2014:1493
- CONFIRM: https://github.com/zer...
- SECUNIA: 62262
- XF: zeromq-handshake-sec-b...
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
7020100
(Get the code!)