The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle attackers to insert a spoofed certificate for any Distinguished Name (DN).
Software | From | Fixed in |
---|---|---|
gnu / gnutls | - | 2.6.1 |
fedoraproject / fedora | 9 | 9.x |
fedoraproject / fedora | 8 | 8.x |
canonical / ubuntu_linux | 7.10 | 7.10.x |
canonical / ubuntu_linux | 8.10 | 8.10.x |
canonical / ubuntu_linux | 8.04 | 8.04.x |
canonical / ubuntu_linux | 6.06 | 6.06.x |
debian / debian_linux | 4.0 | 4.0.x |
suse / linux_enterprise_server | 11 | 11.x |
suse / linux_enterprise_server | 10 | 10.x |
suse / linux_enterprise | 11.0 | 11.0.x |
suse / linux_enterprise | 10.0 | 10.0.x |
opensuse / opensuse | 10.3 | 11.1.x |