Lucene search

K
securityvulnsBUGTRAQSECURITYVULNS:VULN:3374
HistoryJan 17, 2004 - 12:00 a.m.

OpenCA certificate spoofing

2004-01-1700:00:00
BUGTRAQ
vulners.com
35

A flaw could cause OpenCA to accept a
signature from a certificate if the certificate's chain is trusted by
the chain directory of OpenCA. This means that a certificate from
another PKI can authorize operations on the used PKI if the chain of the
used signature certifcate can establish a trust relationship to the
actually used PKI.