FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gnutls -- X.509 certificate chain validation vulnerability

Affected packages
gnutls < 2.4.2

Details

VuXML ID 45298931-b3bf-11dd-80f8-001cc0377035
Discovery 2008-11-10
Entry 2008-11-16

SecurityFocus reports:

GnuTLS is prone to a security-bypass vulnerability because the application fails to properly validate chained X.509 certificates. Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks by impersonating trusted servers. Unsuspecting users may be under a false sense of security that can aid attackers in launching further attacks.

References

Bugtraq ID 32232
CVE Name CVE-2008-4989
Message 4918143A.3050103@gmx.net
URL http://www.gnu.org/software/gnutls/security.html