GnuTLS Vulnerability in X.509 Certificate Verification
CVE-2014-1959

Currently unrated

Key Information:

Vendor: Gnu
Status: Gnutls
Vendor: CVE Published:; 7 March 2014

Summary

A flaw in the certificate verification process of GnuTLS allows remote attackers to exploit version 1 X.509 certificates. The library incorrectly treats these certificates as intermediate Certificate Authorities (CAs), enabling attackers to leverage a trusted CA's X.509 V1 certificate to issue unauthorized certificates. This could lead to significant security risks as the intended restrictions on certificate issuance can be bypassed.

References

http://www.gnutls.org/security.html

x_refsource_CONFIRM

http://seclists.org/oss-sec/2014/q1/344

mailing-listx_refsource_MLIST

http://seclists.org/oss-sec/2014/q1/345

mailing-listx_refsource_MLIST

Timeline

Vulnerability published
Mar 7, 2014
Vulnerability Reserved
Feb 13, 2014