CVE-2008-2420

2008-05-23T15:32:00
ID CVE-2008-2420
Type cve
Reporter cve@mitre.org
Modified 2017-08-08T01:31:00

Description

The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.