Paloalto Netconnect vulnerabilities

CVE-2012-6606 [MEDIUM] CWE-310 Man-in-the-middle Vulnerability in GlobalProtect App Man-in-the-middle Vulnerability in GlobalProtect App A vulnerability exists in NetConnect (all version) and GlobalPortect App (1.1.6 and earlier) whereby the agent does not verify the certificate presented by the portal server, enabling a possible Man-in-the-middle attack. This vulnerability can result in an agent connecting to an attacker-controlled server allowing the attacker to receive the username and passw