« Sun Alert 256748 A... | Main | Sun Alert 260449 Two... »
10 Jun 2009 Sun Alert 260528 Security Vulnerability in the GnuTLS (libgnutls(3)) Library Certificate Chain Validation
posted by chandan in Alerts
Product: Solaris 10 Operating System OpenSolaris

A Security vulnerability in GnuTLS (libgnutls(3)) library X.509 certificate chain validation may cause client applications to trust certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate. This may allow a remote unprivileged user to carry out man-in-the-middle type of attacks using forged serer certificates.

Evolution(evolution(1)) and Remote Desktop Applications are examples of applications which use this vulnerable library.

This vulnerability is also described in the following document:
State: Resolved
First released: 10-Jun-2009
Sun Alert Link: http://sunsolve.sun.com/search/document.do?assetkey=1-66-260528-1
Permalink |
Comments:

Post a Comment:

Comments are closed for this entry.

« Sun Alert 256748 A... | Main | Sun Alert 260449 Two... »

Sun Certified Security Administrator

Download Solaris
Patches and Updates
Download Solaris Security Toolkit

« December 2009
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
  
       
Today


Company Info   |   Contact   |   Terms of Use   |   Privacy   |   Trademarks   |   Copyright 2008 Sun Microsystems, Inc.