Description
OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack, a related issue to CVE-2002-0970.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2023-22096 Vulnerability (CVE-2023-22096)
WordPress 6.0.x Multiple Vulnerabilities (6.0 - 6.0.1)
Dolibarr Improper Input Validation Vulnerability (CVE-2022-0174)
TYPO3 Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-26229)
PrestaShop Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-19595)