3 matches found
EJBCA 安全漏洞
EJBCA is an open source Public Key Infrastructure PKI and Certificate Authority CA software from Keyfactor Open Source. A security vulnerability exists in EJBCA versions prior to 8.3.1 that stems from the length of the salt value in the CMP CLI client does not comply with the security requirement...
embedded zero in cert name
SSL and TLS Server certificates contain one or more fields with server name or otherwise matching patterns. These strings are stored as content and length within the certificate, and thus there is no particular terminating character. curl's OpenSSL interfacing code did faulty assumptions about...
mod_ssl ssl_util_uuencode_binary CA issue
Stack-based buffer overflow in the sslutiluuencodebinary function in sslutil.c for Apache modssl, when modssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN...