Monthly Archive: September 2004

Apache-SSL 1.3.28+1.52 and earlier, with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth enabled, allows remote attackers to forge a client certificate by using basic authentication with the "one-line DN" of the target user....

The libCheckSignature function in crypto-utils.lib for OpenCA 0.9.1.6 and earlier only compares the serial of the signer’s certificate and the one in the database, which can cause OpenCA to incorrectly accept a signature if...

Unknown vulnerability in the eflags checking in the 32-bit ptrace emulation for the Linux kernel on AMD64 systems allows local users to gain privileges. Date published : 2004-09-01 http://www.securityfocus.com/bid/9429 http://www.kb.cert.org/vuls/id/337238