etc/inc/certs.inc in the PKI implementation in pfSense prior to 2.0.1 creates each X.509 certificate with a true value for the CA basic constraint, which allows remote malicious users to create sub-certificates for arbitrary subjects by leveraging the private key.
Vulnerable Product |
---|
pfsense pfsense |
pfsense pfsense 1.2.3 |
pfsense pfsense 1.2.2 |
pfsense pfsense 1.2.1 |
pfsense pfsense 1.0.x |