Description
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because the hostname check operates on uninitialized memory. The outcome is that a valid certificate is never accepted (only a malformed certificate may be accepted).
| Release | Status | Note |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | not-affected | 1.12.0-1 |
| eoan | ignored | end of life |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | not-affected | 1.12.0-1 |
| esm-apps/jammy | not-affected | 1.12.0-1 |
| esm-apps/noble | not-affected | 1.12.0-1 |
| esm-infra-legacy/trusty | DNE | |
| focal | not-affected | 1.12.0-1 |
| groovy | not-affected | 1.12.0-1 |
EPSS
CVSS2: 5 Medium
CVSS3: 5.3 Medium