2 matches found
Apple Mac OS X Security Framework Online Certificate Status Protocol (OCSP) service fails to properly retrieve certificate revocation lists
Overview Apple Mac OS X Security Framework Online Certificate Status Protocol OCSP service is unable to retrieve certificate revocation lists on systems that are configured to use an HTTP proxy. This vulnerability may result in the use of revoked certificates. Description The Online Certificate...
CVE-2006-4409
The CVE-2006-4409 issue is concrete: OCSP in Apple Mac OS X Security Framework could fail to retrieve CRLs when a system uses an HTTP proxy (affecting Mac OS X 10.4 to 10.4.8). This could allow revoked certificates to be accepted by the system. The vulnerability pertains to the OCSP service, and ...