CVE-2003-0960 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2003-0960

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

OpenCA before 0.9.1.4 does not use the correct certificate in a chain to check the serial, which could cause OpenCA to accept revoked or expired certificates.

Affected Software

Name	Vendor	Start Version	End Version
Openca	Openca	0.8.0	0.8.0
Openca	Openca	0.8.1	0.8.1
Openca	Openca	0.8.6	0.8.6
Openca	Openca	0.9.0	0.9.0
Openca	Openca	0.9.0.1	0.9.0.1
Openca	Openca	0.9.0.2	0.9.0.2
Openca	Openca	0.9.1	0.9.1
Openca	Openca	0.9.1.2	0.9.1.2
Openca	Openca	0.9.1.3	0.9.1.3

References

http://marc.info/?l=bugtraq\u0026m=107003609308765\u0026w=2