Vulnerability: OpenCA signature validation

An OpenCA Security Advisory warns multiple flaws have been detected in OpenCA which could cause OpenCA to use an incorrect certificate in the chain to determine the serial being checked. “This could lead to certificates that are revoked or expired being incorrectly accepted,” the Advisory states. The flaws affect all versions of OpenCA including 0.9.1.3.

More information is available at:
http://www.openca.org/news/CAN-2003-0960.txt

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments