New Search

The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted self-signed certificate which allows man-in-the-middle attackers to insert a spoofed certificate for any Distinguished Name (DN).

oval:org.mitre.oval:def:11650

The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted self-signed certificate which allows man-in-the-middle attackers to insert a spoofed certificate for any Distinguished Name (DN).

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 5
  • Oracle Linux 5
  • CentOS Linux 5
Class:
vulnerability
Reference(s):
  • CVE-2008-4989
Product(s):