Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-4566HistoryNov 20, 2012 - 12:55 a.m.
CVE-2012-4566
2012-11-2000:55:00
Debian Security Bug Tracker
security-tracker.debian.org
10
0.005 Low
EPSS
Percentile
75.5%
The DTLS support in radsecproxy before 1.6.2 does not properly verify certificates when there are configuration blocks with CA settings that are unrelated to the block being used for verifying the certificate chain, which might allow remote attackers to bypass intended access restrictions and spoof clients, a different vulnerability than CVE-2012-4523.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | radsecproxy | < 1.6.2-1 | radsecproxy_1.6.2-1_all.deb |
| Debian | 11 | all | radsecproxy | < 1.6.2-1 | radsecproxy_1.6.2-1_all.deb |
| Debian | 10 | all | radsecproxy | < 1.6.2-1 | radsecproxy_1.6.2-1_all.deb |
| Debian | 999 | all | radsecproxy | < 1.6.2-1 | radsecproxy_1.6.2-1_all.deb |
| Debian | 13 | all | radsecproxy | < 1.6.2-1 | radsecproxy_1.6.2-1_all.deb |
Related
osv
osv
radsecproxy - SSL certificate verification weakness
2012-11-10 00:00:00
securityvulns
securityvulns
radsecproxy protection bypass
2012-11-13 00:00:00
[SECURITY] [DSA 2573-1] radsecproxy security update
2012-11-13 00:00:00
nessus
nessus
Debian DSA-2573-1 : radsecproxy - SSL certificate verification weakness
2012-11-12 00:00:00
debian
debian
[SECURITY] [DSA 2573-1] radsecproxy security update
2012-11-10 21:51:53
openvas
openvas
Debian Security Advisory DSA 2573-1 (radsecproxy)
2012-11-16 00:00:00
Debian: Security Advisory (DSA-2573-1)
2012-11-16 00:00:00
cvelist
cvelist
CVE-2012-4566
2022-10-03 16:15:32
CVE-2012-4523
2012-11-20 00:00:00
prion
prion
Design/Logic Flaw
2012-11-20 00:55:00
Design/Logic Flaw
2012-11-20 00:55:00
cve
cve
CVE-2012-4566
2012-11-20 00:55:00
CVE-2012-4523
2012-11-20 00:55:00
ubuntucve
ubuntucve
CVE-2012-4566
2012-11-20 00:00:00
CVE-2012-4523
2012-11-20 00:00:00
debiancve
debiancve
CVE-2012-4523
2012-11-20 00:55:00