CVE-2008-2420

EPSS 0.49%

發布日:2008/5/23修改日:2026/5/26

也稱為:DEBIAN-CVE-2008-2420

描述

The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.

受影響套件(1)

Debian/stunnel4from 0, < 3:4.22-1.1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-2420