SSL Certificates Vulnerable to OpenSSL Flaw on Debian |
|
| BugsAlert Home > SSL Certificates Vulnerable to OpenSSL Flaw on Debian | |
|
LinuxSecurity.com: Netcraft's June SSL Survey has found that a significant number of SSL certificates are affected by the Debian OpenSSL vulnerability, including Extended Validation SSL certificates and certificates belonging to banks. The vulnerable certificates afford opportunities to create deceptive sites which use apparently valid SSL certificates, giving the user the impression that the site belongs to the certified organisation. In the case of EV certificates, browsers will also turn the address bar green, even though the certificate may be cloned. Debian OpenSSL flaw does not seem to be over yet. It was discovered a number of SSL certificates are affected by the Debian OpenSSL. This article looks at how this attack is possible. Original Source: http://www.linuxsecurity.com/content/view/138735?rdf Learn more about SSL Certificates Vulnerable to OpenSSL Flaw on Debian |
|
| Tags: ssl certificates vulnerable openssl flaw debian | |
Related Items |
|
|
VU#110947:KAME project IPv6 IPComp header denial of service vulnerability
|
|
|
FrSIRT - YourFreeWorld Downline Builder "id" Remote SQL Injection Vulnerability
|
|
|
CVE-2007-6296 (phpMyChat)
|
|
|
CVE-2008-5496 (business_directory_script)
|
|
|
CVE-2008-5662 (java_wireless_toolkit_for_cldc)
|
|
|
Bugtraq: [ GLSA 200803-05 ] SplitVT: Privilege escalation
|
|
|
FrSIRT - basebuilder "mj_config[src_path]" PHP File Inclusion Vulnerability
|
|
