Insecure X.509 Certificate Creation in pfSense by Netgate
CVE-2011-4197

Currently unrated

Key Information:

Vendor

Pfsense

Status
Pfsense
Vendor
CVE Published:
3 January 2012

What is CVE-2011-4197?

The PKI implementation in pfSense prior to version 2.0.1 inadequately handles X.509 certificates by automatically assigning a true value to the CA basic constraint. This flaw enables remote attackers to forge sub-certificates for any subject, leveraging possession of private keys. Such a vulnerability can lead to unauthorized access or impersonation, significantly undermining the security of the network infrastructure.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/51169
vdb-entryx_refsource_BID
https://github.com/bsdperimeter/pfsense/commit/87b4deb2b2...
x_refsource_CONFIRM
https://github.com/bsdperimeter/pfsense/commit/1379d66f11...
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.