
441 matches found

Citrix
added 2016/12/27 12:0 a.m., 7 views

Error: "One or more intermediate in the chain are missing" When Updating Expired Certificate on StoreFront

The following error is displayed when updating an expired certificate on StoreFront: "One or more intermediate in the chain are missing"...

7.2 AI score
Exploits 0
ThreatPost
added 2016/11/01 1:58 p.m., 22 views

Google to Distrust WoSign, StartCom Certs in 2017

Google announced Monday that when it ships Chrome 56 in January 2017 the browser will distrust certificates issued by Chinese certificate authorities WoSign and StartCom that have made headlines over the past month. The move was somewhat expected after Mozilla announced last week the company would...

7.2 AI score
Exploits 0, References 8
RedHat Linux
added 2016/10/17 5:24 p.m., 1 views

3: API server does not validate client-provided intermediate certificates correctly

It was found that Kubernetes did not correctly validate X.509 client intermediate certificate host name fields. An attacker could use this flaw to bypass authentication requirements by using a specially crafted X.509 certificate...

8.1 CVSS, 5.7 AI score, 0.00274 EPSS
Exploits 1, References 4
ThreatPost
added 2016/10/03 12:6 p.m., 15 views

Apple To Block WoSign Intermediate Certificates

Apple weighed in on the ongoing WoSign fiasco over the weekend, saying it would soon distrust certificates issued by the Chinese Certificate Authority’s Free SSL Certificate G2 intermediate CA on macOS. Apple’s decision comes several days after Mozilla accused the CA of backdating SHA-1...

0.4 AI score
Exploits 0, References 8
Hacker One
added 2016/06/27 5:22 p.m., 34 views

Mail.ru: Back Refresh Attack after registration and successful logout

About the vulnerability: The back, forward and refresh buttons of the browser can be used to steal the password of a previous user. In this article we examine the vulnerability and look at ways to solve them. A web browser has the functionality to store the recent pages browsed by the user in its...

7.2 AI score
Exploits 0
n0where
added 2016/05/25 2:29 p.m., 86 views

Reverse Engineering Cross Platform Disassembler: Panopticon

Reverse Engineering Cross Platform Disassembler Panopticon is a disassembler that understands the semantics of opcodes. This way it’s able to help the user by discovering and displaying invariants that would have to be discovered “by hand” in traditional disassemblers. This allows an interactive...

0.1 AI score
Exploits 0, References 6
Prion
added 2016/04/19 9:59 p.m., 14 views

Design/Logic Flaw

Apache Hadoop 2.6.x encrypts intermediate data generated by a MapReduce job and stores it along with the encryption key in a credentials file on disk when the Intermediate data encryption feature is enabled, which allows local users to obtain sensitive information by reading the file...

2.1 CVSS, 6.2 AI score, 0.00065 EPSS
Exploits 0, References 2, Affected Software 1
Cvelist
added 2016/04/19 9:0 p.m., 26 views

CVE-2015-1776

Apache Hadoop 2.6.x encrypts intermediate data generated by a MapReduce job and stores it along with the encryption key in a credentials file on disk when the Intermediate data encryption feature is enabled, which allows local users to obtain sensitive information by reading the file...

5.9 AI score, 0.00065 EPSS
Exploits 0, References 2
OSV
added 2016/03/12 9:59 p.m., 2 views

CVE-2016-0818

The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA, which allows man-in-the-middle attackers to...

5.9 CVSS, 5.8 AI score
Exploits 0, References 4
Prion
added 2016/03/12 9:59 p.m., 17 views

Design/Logic Flaw

The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA, which allows man-in-the-middle attackers to...

4.3 CVSS, 6.8 AI score, 0.00058 EPSS
Exploits 0, References 4, Affected Software 1
UbuntuCve
added 2016/03/12 9:59 p.m., 29 views

CVE-2016-0818

The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA, which allows man-in-the-middle attackers to...

5.9 CVSS, 6.6 AI score, 0.00058 EPSS
Exploits 0, References 2
OSV
added 2016/03/12 9:59 p.m., 1 views

UBUNTU-CVE-2016-0818

The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA, which allows man-in-the-middle attackers to...

5.9 CVSS, 6.6 AI score, 0.00058 EPSS
Exploits 0, References 3
Cvelist
added 2016/03/12 9:0 p.m., 26 views

CVE-2016-0818

The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA, which allows man-in-the-middle attackers to...

5.7 AI score, 0.00058 EPSS
Exploits 0, References 4
CVE
added 2016/03/12 9:0 p.m., 51 views

CVE-2016-0818

The CVE affects Conscrypt’s TrustManagerImpl on Android, where caching mishandles the distinction between an intermediate CA and a trusted root CA. Affected: Android/Conscrypt versions: 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01. Impact: enables MITM by exploiting an int...

5.9 CVSS, 5.6 AI score, 0.00058 EPSS
Exploits 0, References 4, Affected Software 1
BDU FSTEC
added 2015/12/15 12:0 a.m., 3 views

The vulnerability of intermediate software for WebSphere MQ allows attackers to gain access to protected information.

The vulnerability of the intermediate software component of WebSphere MQ lies in the lack of compatibility checks during operation. Exploiting this vulnerability can allow a malicious actor to gain access to protected information by analyzing network traffic...

4.3 CVSS, 5.9 AI score, 0.00207 EPSS
Exploits 0, References 2, Affected Software 1
exploitpack
added 2015/11/05 12:0 a.m., 19 views

OpenSSL - Alternative Chains Certificate Forgery

OpenSSL - Alternative Chains Certificate Forgery. Ruby script. By Ramon de C Valle. This work is dedicated to the public domain...

0.1 AI score
Exploits 0
RedhatCVE
added 2015/10/30 10:27 a.m., 25 views

CVE-2009-0653

OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack, a related issue to CVE-2002-0970...

7.5 CVSS, 6.9 AI score, 0.02398 EPSS
Exploits 2, References 2
ArchLinux
added 2015/08/14 12:0 a.m., 55 views

freeradius: insufficient CRL validation

The FreeRADIUS server relies on OpenSSL to perform certificate validation, including Certificate Revocation List (CRL) checks. The FreeRADIUS usage of OpenSSL, in CRL application, limits the checks to leaf certificates, therefore not detecting revocation of intermediate CA certificates. An unexpire...

2.4 AI score, 0.0038 EPSS
Exploits 0, References 3
Tenable Nessus
added 2015/07/14 12:0 a.m., 31 views

FreeBSD : freeradius -- insufficient CRL application vulnerability (379788f3-2900-11e5-a4a5-002590263bf5)

oCERT reports: The FreeRADIUS server relies on OpenSSL to perform certificate validation, including Certificate Revocation List (CRL) checks. The FreeRADIUS usage of OpenSSL, in CRL application, limits the checks to leaf certificates, therefore not detecting revocation of intermediate CA...

7.5 CVSS, 7.4 AI score, 0.0038 EPSS
Exploits 0, References 6
CNVD
added 2015/07/02 12:0 a.m., 1 views

FreeRADIUS Certificate Improperly Validated Revocation of Intermediate CA Certificate Vulnerability

FreeRADIUS is open-source software based on the RADIUS protocol that implements RADIUS AAA (Authentication, Authorization, Accounting) functions. FreeRADIUS fails to correctly detect the intermediate CA certificate, allowing remote users with an intermediate CA issued a certifica...

7.5 CVSS, 7.2 AI score, 0.0038 EPSS
Exploits 0, References 1