A flaw was found in GnuTLS. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities (CAs) only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate validation. This bypass could lead to the acceptance of invalid certificates, potentially enabling spoofing or man-in-the-middle attacks against affected systems.
GnuTLS fails to properly enforce permitted name constraints when previous CAs only had excluded constraints, allowing attackers to bypass certificate validation checks. This vulnerability enables acceptance of invalid certificates, potentially facilitating spoofing and man-in-the-middle attacks.
GnuTLS contains a flaw in its handling of certificate name constraints: permitted name constraints are incorrectly ignored when previous signing authorities have only excluded name constraints. A remote attacker can exploit this flaw to get invalid certificates accepted and carry out spoofing or man-in-the-middle attacks.
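The check described above can be written as a regression test over a constructed chain. This is an added example, not GnuTLS code: `nc_t`, `chain_allows`, `SAMPLE_CHAIN` and the `model_flaw` switch are hypothetical names, the model covers dNSName constraints only, and the flawed branch is an assumption that mirrors the advisory's wording rather than the library's source.

```c
#include <stdio.h>
#include <string.h>

#define MAXN 4
typedef struct { const char *permitted[MAXN]; int np;
                 const char *excluded[MAXN];  int ne; } nc_t;

/* Constructed chain, root first: the root only excludes, the intermediate only permits. */
static const nc_t SAMPLE_CHAIN[2] = {
    { {0}, 0, {"internal.example"}, 1 },
    { {"corp.example"}, 1, {0}, 0 },
};

/* dNSName subtree match: name equals base, or is base with labels added on the left.
 * Names are assumed to be lower-cased already. */
static int in_subtree(const char *name, const char *base) {
    size_t n = strlen(name), b = strlen(base);
    if (b > n || strcmp(name + n - b, base) != 0) return 0;
    return n == b || name[n - b - 1] == '.';
}

/* Returns 1 if name satisfies every CA's constraints. With model_flaw=1, a CA's
 * permitted list is dropped when the constraints gathered so far are excluded-only. */
int chain_allows(const nc_t *chain, int n, const char *name, int model_flaw) {
    int acc_np = 0, acc_ne = 0;   /* permitted/excluded entries accumulated so far */
    for (int i = 0; i < n; i++) {
        const nc_t *ca = &chain[i];
        int skip = model_flaw && acc_np == 0 && acc_ne > 0;
        for (int j = 0; j < ca->ne; j++)          /* excluded: union over the chain */
            if (in_subtree(name, ca->excluded[j])) return 0;
        if (ca->np > 0 && !skip) {                /* permitted: must match at every CA */
            int ok = 0;
            for (int j = 0; j < ca->np; j++) ok |= in_subtree(name, ca->permitted[j]);
            if (!ok) return 0;
        }
        acc_ne += ca->ne;
        if (!skip) acc_np += ca->np;
    }
    return 1;
}

int main(void) {
    const char *names[] = { "www.corp.example", "www.other.example", "db.internal.example" };
    for (int i = 0; i < 3; i++)
        printf("%-20s correct=%d flawed=%d\n", names[i],
               chain_allows(SAMPLE_CHAIN, 2, names[i], 0),
               chain_allows(SAMPLE_CHAIN, 2, names[i], 1));
    return 0;
}
```

A name outside the intermediate's permitted subtree is rejected by the correct path and accepted by the modelled flaw, which is the case a post-upgrade validation test should cover.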
Update GnuTLS to the latest patched version immediately. Verify certificate validation logic in dependent applications. Implement certificate pinning where applicable. Monitor for suspicious certificate validation events in security logs.
Update GnuTLS to the latest patched version immediately. Verify the certificate validation logic in dependent applications. Apply certificate pinning where applicable. Monitor security logs for suspicious certificate validation events.