Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

Q-325: gnutls11 Cryptographic Weakness

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) Q-325: gnutls11 Cryptographic Weakness
# 1  
Old 12-24-2007
Q-325: gnutls11 Cryptographic Weakness
A flaw in GNU TLS cryptographic package that could allow an attacker to generate a forged signature that GNU TLS will accept as valid. The risk is LOW. Could allow an attacker to generate a forged signature that will be accepted as valid.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

2 More Discussions You Might Find Interesting

1. Solaris

Assigning cryptographic resources to the control domain

Sun documentation suggests that we need to assign cryptographic resources to the control domain as part of the initial configuration. I searched the documentation to better understand the purpose of this and know recommendation/limitation. I am doing this for Netra T5220 and wondering if the... (5 Replies)
Discussion started by: StarSol
5 Replies

2. UNIX for Advanced & Expert Users

Weakness in Perl CGI causes memory dump ??

I have discovered a curious phenomenon in GCI. I need some advice from someone far more adept. Is this a bug or potential security weakness? Context: Redhat 8.0 on xx86 (pentium 3) Apache 2.0, Perl 5.80 Background: I've been trying to harden a web application which accepts user uploaded... (0 Replies)
Discussion started by: andyj
0 Replies
Login or Register to Ask a Question

LEARN ABOUT SUNOS

crypto_certs

crypto_certs(4) 						   File Formats 						   crypto_certs(4)

NAME

       crypto_certs - directory for certificate files for Solaris Cryptographic Framework

SYNOPSIS

       /etc/crypto/certs/CA

       /etc/crypto/certs/SUNWosnet

DESCRIPTION

       The /etc/crypto/certs directory contains ASN.1 BER or PEM encoded certificate files for use by the Solaris Cryptographic Framework.

       A  default  installation  contains  only two certificates. The CA certificate is the trust anchor for all other certificates. The SUNWosnet
       certificate contains the certificate use to sign the Solaris user and kernel cryptographic plug-ins.

       Additional certificates my be installed by third-party cryptographic providers. They  should  either  be  copied  to  /etc/crypto/certs	or
       included in the package that delivers the provider.

       Only  certificates  that are issued by the CA certificate are accepted by the Solaris Cryptographic Framework. This restriction is in place
       due to US Export Law on the export of open cryptographic interfaces at the time of shipping this revision of the product.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWcsr			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       elfsign(1), libpkcs11(3LIB), attributes(5)

SunOS 5.10							    26 Feb 2004 						   crypto_certs(4)