CVE-2012-4566 in radsecproxyИнформация

Сводка (Английский)

The DTLS support in radsecproxy before 1.6.2 does not properly verify certificates when there are configuration blocks with CA settings that are unrelated to the block being used for verifying the certificate chain, which might allow remote attackers to bypass intended access restrictions and spoof clients, a different vulnerability than CVE-2012-4523.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Резервировать

21.08.2012

Раскрытие

19.11.2012

Статус

Подтверждённый

Записи

VulDB provides additional information and datapoints for this CVE:

ИД	Уязвимость	CWE	Экс	Кон	CVE
62999	Uninett radsecproxy Access Restriction эскалация привилегий	264	Не определено	Официальное исправление	CVE-2012-4566

Описание

CPE

CWE

CVSS

Эксплойты

История

Разница

Связать

Разведка угроз

API JSON

API XML

API CSV

Источники

◂ ПредыдущийОбзорДалее ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!