CVE 2011-4968

nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM)

Related bugs and status

CVE-2011-4968 (Candidate) is related to these bugs:

Bug #1098654: nginx vulnerable to MITM Attack [CVE-2011-4968]

		In	Importance	Status
1098654	nginx vulnerable to MITM Attack [CVE-2011-4968]	nginx (Ubuntu)	Low	Fix Released
1098654	nginx vulnerable to MITM Attack [CVE-2011-4968]	nginx (Ubuntu Lucid)	Low	Won't Fix
1098654	nginx vulnerable to MITM Attack [CVE-2011-4968]	nginx (Ubuntu Oneiric)	Low	Won't Fix
1098654	nginx vulnerable to MITM Attack [CVE-2011-4968]	nginx (Ubuntu Precise)	Low	Won't Fix
1098654	nginx vulnerable to MITM Attack [CVE-2011-4968]	nginx (Ubuntu Raring)	Low	Won't Fix
1098654	nginx vulnerable to MITM Attack [CVE-2011-4968]	nginx (Ubuntu Quantal)	Low	Won't Fix
1098654	nginx vulnerable to MITM Attack [CVE-2011-4968]	nginx (Debian)	Unknown	Fix Released
1098654	nginx vulnerable to MITM Attack [CVE-2011-4968]	Nginx	Low	Fix Released
1098654	nginx vulnerable to MITM Attack [CVE-2011-4968]	nginx (Ubuntu Trusty)	Low	Won't Fix
1098654	nginx vulnerable to MITM Attack [CVE-2011-4968]	nginx (Ubuntu Vivid)	Low	Won't Fix
1098654	nginx vulnerable to MITM Attack [CVE-2011-4968]	nginx (Ubuntu Utopic)	Low	Won't Fix
1098654	nginx vulnerable to MITM Attack [CVE-2011-4968]	nginx (Ubuntu Wily)	Low	Fix Released

Bug #1262710: [MIR] nginx

Summary				In	Importance	Status
	1262710	[MIR] nginx		nginx (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.