Vulnerabilities

CVE-2020-7041

by Fred · 27/02/2020

An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because an X509_check_host negative error code is interpreted as a successful return value.

Date published : 2020-02-27

https://github.com/adrienverge/openfortivpn/commit/60660e00b80bad0fadcf39aee86f6f8756c94f91

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SRVVNXCNTNMPCIAZIVR4FAGYCSU53FNA/

Similar

Tags: Cybersecurity Alert