CVE-2008-2420

2008-05-23T11:32:00
ID CVE-2008-2420
Type cve
Reporter NVD
Modified 2017-08-07T21:31:01

Description

The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.