Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » OpenSSL patches serious certificate forgery vulnerability

OpenSSL patches serious certificate forgery vulnerability

2015/07/09

Securityweek - (International) OpenSSL developers released patches for a high severity alternative chain certificate forgery flaw, in which an attacker could bypass untrusted certificate checks and issue invalid certificates. The vulnerability affects versions 1.0.1n and 1.0.2b.

Source: http://www.securityweek.com/openssl-patches-serious-certificate-forgery-vulnerability

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:24:41