SecuritySpace - CVE-2015-5894

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

CVE Kennung: CVE-2015-5894

Beschreibung: The X.509 certificate-trust implementation in Apple OS X before 10.11 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints by leveraging access to a revoked certificate.

Test Kennungen: Nicht verfügbar

Querverweise: Common Vulnerability Exposure (CVE) ID: CVE-2015-5894
http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
BugTraq ID: 76908
http://www.securityfocus.com/bid/76908
http://www.securitytracker.com/id/1033703

CVE Kennung:	CVE-2015-5894
Beschreibung:	The X.509 certificate-trust implementation in Apple OS X before 10.11 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints by leveraging access to a revoked certificate.
Test Kennungen:	Nicht verfügbar
Querverweise:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5894 http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html BugTraq ID: 76908 http://www.securityfocus.com/bid/76908 http://www.securitytracker.com/id/1033703