CVE Vulnerabilities

CVE-2003-0960

Published: Dec 15, 2003 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

OpenCA before 0.9.1.4 does not use the correct certificate in a chain to check the serial, which could cause OpenCA to accept revoked or expired certificates.

Affected Software

Name Vendor Start Version End Version
Openca Openca 0.8.0 0.8.0
Openca Openca 0.8.1 0.8.1
Openca Openca 0.8.6 0.8.6
Openca Openca 0.9.0 0.9.0
Openca Openca 0.9.0.1 0.9.0.1
Openca Openca 0.9.0.2 0.9.0.2
Openca Openca 0.9.1 0.9.1
Openca Openca 0.9.1.2 0.9.1.2
Openca Openca 0.9.1.3 0.9.1.3

References