Entrust ESP Certificate Path Verification Vulnerability
BID:25471
Info
Entrust ESP Certificate Path Verification Vulnerability
| Bugtraq ID: | 25471 |
| Class: | Access Validation Error |
| CVE: |
CVE-2007-4594 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 28 2007 12:00AM |
| Updated: | May 07 2015 05:35PM |
| Credit: | The vendor disclosed this issue. |
| Vulnerable: |
Entrust Entelligence Security Provider 8 |
| Not Vulnerable: | |
Discussion
Entrust ESP Certificate Path Verification Vulnerability
Entrust ESP fails to properly validate certificate chains.
Successfully exploiting this issue may allow attackers to use invalid security certificates, possibly aiding them in further attacks.
Entrust Entelligence Security Provider 8 is vulnerable to this issue; other versions may also be affected.
Entrust ESP fails to properly validate certificate chains.
Successfully exploiting this issue may allow attackers to use invalid security certificates, possibly aiding them in further attacks.
Entrust Entelligence Security Provider 8 is vulnerable to this issue; other versions may also be affected.
Exploit / POC
Entrust ESP Certificate Path Verification Vulnerability
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Entrust ESP Certificate Path Verification Vulnerability
Solution:
The vendor released patch 132192 to address this issue. The patch is available to customers through the vendor's customer portal website. Contact the vendor for more information.
Solution:
The vendor released patch 132192 to address this issue. The patch is available to customers through the vendor's customer portal website. Contact the vendor for more information.
References
Entrust ESP Certificate Path Verification Vulnerability
References:
References: