Описание
The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | |
| feisty | ignored | end of life, was needs-triage |
| gutsy | ignored | end of life, was needs-triage |
| hardy | ignored | end of life |
| intrepid | not-affected | |
| jaunty | not-affected | |
| karmic | not-affected | |
| lucid | not-affected | |
| maverick | not-affected |
Показывать по
Ссылки на источники
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.
The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.
The OCSP functionality in stunnel before 4.24 does not properly search ...
The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.
Уязвимость операционной системы Gentoo Linux, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
6.8 Medium
CVSS2