stunnel protection bypass
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
stunnel protection bypass
Published:
08.08.2008
Source:
BUGTRAQ
SecurityVulns ID:
9208
Type:
remote
Level:
4
/10
Description:
Revoked certificate status is incorrectly checked.
Affected:
STUNNEL
:
stunnel 4.23
CVE:
CVE-2008-2420
(The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.)
Original document
GENTOO
,
[ GLSA 200808-08 ] stunnel: Security bypass
(
08.08.2008
)
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
