The OpenSSL::OCSP module for Ruby in Apple Mac OS X 10.5 prior to 10.5.7 misinterprets an unspecified invalid response as a successful OCSP certificate validation, which might allow remote malicious users to spoof certificate authentication via a revoked certificate.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x server 10.5.2 |
||
apple mac os x server 10.5.6 |
||
apple mac os x 10.5.2 |
||
apple mac os x 10.5.0 |
||
apple mac os x 10.5.5 |
||
apple mac os x 10.5.6 |
||
apple mac os x server 10.4.11 |
||
apple mac os x server 10.5.0 |
||
apple mac os x 10.5.1 |
||
apple mac os x 10.5.3 |
||
apple mac os x server 10.5.3 |
||
apple mac os x server 10.5.4 |
||
apple mac os x 10.5.4 |
||
apple mac os x server 10.5.1 |