CVE-2013-5123 – phlyLabs phlyMail Lite 4.03.04 - 'go' Open Redirect

https://notcve.org/view.php?id=CVE-2013-5123

The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks. El soporte de duplicación (-M, --use-mirrors) en Python Pip versiones anteriores a la versión 1.5, utiliza consultas DNS no seguras y comprobaciones de autenticidad que permiten a atacantes realizar ataques de tipo man-in-the-middle. • https://www.exploit-db.com/exploits/24086 http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155248.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155291.html http://www.openwall.com/lists/oss-security/2013/08/21/17 http://www.openwall.com/lists/oss-security/2013/08/21/18 http://www.securityfocus.com/bid/77520 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-5123 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-5123 https&# • CWE-287: Improper Authentication •