57 matches found
DEBIAN-CVE-2014-3694
The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL SSL/TLS plugin in libpurple in Pidgin before 2.10.10 do not properly consider the Basic Constraints extension during verification of X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and...
CVE-2014-3694
The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL SSL/TLS plugin in libpurple in Pidgin before 2.10.10 do not properly consider the Basic Constraints extension during verification of X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and...
MGASA-2014-0425 Updated pidgin packages fix security vulnerabilities
In Pidgin before 2.10.10, both of libpurple's bundled SSL/TLS plugins (one for GnuTLS and one for NSS) failed to check that the Basic Constraints extension allowed intermediate certificates to act as CAs. This allowed anyone with any valid certificate to create a fake certificate for any arbitrary...
UBUNTU-CVE-2014-3694
The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL SSL/TLS plugin in libpurple in Pidgin before 2.10.10 do not properly consider the Basic Constraints extension during verification of X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and...
smack: incorrect X.509 certificate validation
It was found that the ServerTrustManager in the Smack XMPP API did not verify basicConstraints and nameConstraints in X.509 certificate chains. A man-in-the-middle attacker could use this flaw to spoof servers and obtain sensitive information...
SSL Certificate Chain Analysis
This plugin examines the chain of X.509 certificates used by this service. TRUSTED...
Pantech Link/P7040P phones SSL certificate chain check vulnerabilities
Intermediate certificate basic constraints are not checked...
SSL Certificate Fails to Adhere to Basic Constraints / Key Usage Extensions
An X.509 certificate sent by the remote host contains one or more violations of the restrictions imposed on it by RFC 5280. This means that either a root or intermediate Certificate Authority signed a certificate incorrectly. Certificates that fail to adhere to the restrictions in their extension...
OpenSSL CA Certificate Security Bypass Vulnerability
This host is running OpenSSL and is prone to a security bypass vulnerability. OpenVAS Vulnerability Test $Id: secpodopensslcacertbypassvuln.nasl 5656 2017-03-21 11:03:12Z cfi $ OpenSSL CA Certificate Security Bypass Vulnerability Authors: Sujit Ghosal Copyright: Copyright (c) 2009 SecPod,...
CVE-2009-0653
OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack, a related issue to CVE-2002-0970...
DEBIAN-CVE-2009-0653
OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack, a related issue to CVE-2002-0970...
CVE-2002-1407
TinySSL 1.02 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack...
PT-2002-1876 · Microsoft · Outlook Express For Mac +3
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions 98 through XP; Office for Mac (affected versions not specified); Internet Explorer for Mac (affected versions not specified); Outlook Express for Mac (affected versions not specified). Description: The issue concerns the...
Microsoft Internet Explorer 5/6 / Konqueror 2.2.2/3.0 / Weblogic Server 5/6/7 - Invalid X.509 Certificate Chain
Microsoft Internet Explorer 5/6 / Konqueror 2.2.2/3.0 / Weblogic Server 5/6/7 - Invalid X.509 Certificate Chain. Source: https://www.securityfocus.com/bid/5410/info. A flaw has been reported in the handling of X.509 certificates by a number of products, including several web browsers. It may be possible fo...