|
|
Info |
Last Modified |
| 11 months ago |
|
|
|
|
Description |
OpenCA contains a flaw that may allow a malicious user to bypass signature verification of a certificate. The issue is triggered because the libCheckSignature function only performs a check on the base of the serial of the associated certificate. It is possible that the flaw may lead to the acceptance of an invalid or malicious certificate.
|
|
Classification |
Unknown or Incomplete
|
|
Solution |
Upgrade to version 0.9.1.7 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
|
|
Products |
|
OpenCA
 |
0.9.0 |
0.9.0.1 |
0.9.0.2 |
0.9.1.1 |
0.9.1.2 |
0.9.1.3 |
0.9.1.4 |
0.9.1.5 |
0.9.1.6 |
|
|
|
|
|
|
Credit |
Unknown or Incomplete
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|