Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle attackers to insert a spoofed certificate for any Distinguished Name (DN).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GnuTLS X.509 'verify.c'证书链验证漏洞
Vulnerability Description
GnuTLS是用于实现TLS加密协议的函数库。 GNU TLS库的X.509证书链验证中存在错误,允许中间人用户使用任意名称并诱骗GNU TLS客户端信任该名称。 漏洞具体存在于x509/verify.c文件的_gnutls_x509_verify_certificate函数中: 1. 用可信任证书列表验证证书列表的最后一个单元。 2. 如果是自签名的话,从列表中删除最后一个单元。 3. 检查证书链确保每个证书都由后一个签名,除了最后一个单元。 如果向列表中添加任意的自签名可信任证书,就不会检查可信任证书
CVSS Information
N/A
Vulnerability Type
N/A