Design/Logic Flaw

GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is 1 not yet valid or 2 no longer valid...

PT-2015-4018 · Gnu +4 · Gnutls +4

Name of the Vulnerable Software and Affected Versions: GnuTLS versions prior to 2.9.10 Description: The issue allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is either not yet valid or no longer valid, due to the failure to verify the activati...

Ubuntu: Security Advisory (USN-484-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for curl vulnerability USN-484-1

Ubuntu Update for Linux kernel vulnerabilities USN-484-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4841.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for curl vulnerability USN-484-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Ubuntu 6.06 LTS / 6.10 / 7.04 : curl vulnerability (USN-484-1)

It was discovered that the GnuTLS certificate verification methods implemented in Curl did not check for expiration and activation dates. When performing validations, tools using libcurl3-gnutls would incorrectly allow connections to sites using expired certificates. Note that Tenable Network...

curl TLS certificates spoofing

Certificate's activation adn expire dates are not checked if GnuTLS verification method is used...

USN-484-1: curl vulnerability

It was discovered that the GnuTLS certificate verification methods implemented in Curl did not check for expiration and activation dates. When performing validations, tools using libcurl3-gnutls would incorrectly allow connections to sites using expired certificates...