Computer Security
[EN] securityvulns.ru no-pyccku


curl TLS certificates spoofing
Published:19.07.2007
Source:
SecurityVulns ID:7945
Type:library
Threat Level:
5/10
Description:Certificate's activation adn expire dates are not checked if GnuTLS verification method is used.
Affected:CURL : curl 7.15
CVE:CVE-2007-3564 (libcurl 7.14.0 through 7.16.3, when built with GnuTLS support, does not check SSL/TLS certificate expiration or activation dates, which allows remote attackers to bypass certain access restrictions.)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod