X.509 Certificate Verification Flaw in GnuTLS Products
CVE-2014-0092

Currently unrated

Key Information:

Vendor: Gnu
Status: Gnutls
Vendor: CVE Published:; 7 March 2014

Summary

The vulnerability in GnuTLS affects the verification process for X.509 certificates, allowing attackers to potentially spoof SSL servers through crafted certificates. This flaw creates a significant risk for secure connections, facilitating man-in-the-middle attacks which could compromise sensitive data. Users should ensure they are using updated versions of GnuTLS to mitigate this risk.

References

http://secunia.com/advisories/57321

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/advisories/57260

third-party-advisoryx_refsource_SECUNIA

http://rhn.redhat.com/errata/RHSA-2014-0288.html

vendor-advisoryx_refsource_REDHAT

Timeline

Vulnerability published
Mar 7, 2014
Vulnerability Reserved
Dec 3, 2013