lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Gnutls | Gnu | 3.2.3 | 3.2.3 |
Gnutls | Gnu | 3.2.0 | 3.2.0 |
Gnutls | Gnu | 3.2.1 | 3.2.1 |
Gnutls | Gnu | 3.2.8 | 3.2.8 |
Gnutls | Gnu | 3.2.4 | 3.2.4 |
Gnutls | Gnu | 3.2.9 | 3.2.9 |
Gnutls | Gnu | 3.2.6 | 3.2.6 |
Gnutls | Gnu | 3.2.10 | 3.2.10 |
Gnutls | Gnu | * | 3.2.11 |
Gnutls | Gnu | 3.2.7 | 3.2.7 |
Gnutls | Gnu | 3.2.2 | 3.2.2 |
Gnutls | Gnu | 3.2.5 | 3.2.5 |
Gnutls | Gnu | 3.2.8.1 | 3.2.8.1 |