22 May 2008, 13:36

Stunnel accepts blocked certificates

An update for the stunnel SSL wrapper has been issued in order to close a hole in its handling of x.509 certificates. Due to an error in a function that uses the Online Certificate Status Protocol (OCSP) to check the validity of certificates, an attacker can log in successfully using an already blocked certificate. The developers recommend users of the OCSP function to upgrade to stunnel version 4.24 as soon as possible.

Also on The H:

Mozilla calls for tighter controls on sub-CAs
Mozilla considers removing Trustwave CA
Google wants to do away with online certificate checks
Trustwave issued a man-in-the-middle certificate
Worth Reading: Certificate Request? Ask Later!
Many weak web server certificates threaten online shopping

Share this article

Stunnel accepts blocked certificates

Also on The H:

Booting up: Tools and tips for systemd

Kernel Log: Coming in 3.4 (Part 3) - Graphics drivers

Control Centre: The systemd Linux init system

Kernel Log: Coming in 3.4 (Part 2) - Filesystems, storage and drivers

Kernel Log: Coming in 3.4 (Part 1) - Infrastructure

Monopoly madness

What's new in Linux 3.4

A Practical Internet of Things

Microsoft's struggle against bugs

CSI:Internet - Open heart surgery

CSI:Internet - A trip into RAM

The H Update Check

What's new in Linux 3.3

Building a GSM network with open source

CSI:Internet - Controlled from the beyond

Price Insight Top 10 powered by Skinflint

The H

The H open source

The H Security

The H Internet Toolkit