Dark Age of Camelot before 1.68 live patch does not sign the RSA public key, which could allow remote malicious servers to gain sensitive information via a man-in-the-middle attack.Referenceshttp://www.securityfocus.com/bid/9960http://capnbry.net/daoc/advisory20040323/http://lists.netsys.com/pipermail/full-disclosure/2004-March/019212.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/15597http://marc.info/?l=bugtraq&m=108016932816707&w=2
