OpenCA crypto-utils.lib libCheckSignature Function Signature Validation Weakness

The remote host seems to be running an older version of OpenCA. It is reported that OpenCA versions up to and incluing 0.9.1.6 contains a flaw that may lead an attacker to bypass signature verification of a certificate. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

CVE-2004-0004

Affects OpenCA : OpenCA 0.9.1.6 and earlier use crypto-utils.lib’s libCheckSignature, which compares only the certificate serial to the database entry. This can allow a signature to be accepted if the signer's certificate chain is trusted by OpenCA’s chain directory, enabling an attacker to spoof...