NVD

Id
10699  
Name
CVE-2011-4197  
Description
etc/inc/certs.inc in the PKI implementation in pfSense before 2.0.1 creates each X.509 certificate with a true value for the CA basic constraint, which allows remote attackers to create sub-certificates for arbitrary subjects by leveraging the private key.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-07  
Published
2012-01-03  
Modified Date
2012-01-03  
Seq
2011-4197  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
60363 10699 CVE-2011-4197 20111222 [MATTA-2011-001] pfSense x509 Insecure Certificate Creation  View
60364 10699 CVE-2011-4197 51169  View
60365 10699 CVE-2011-4197 pfsense-x509-security-bypass(71969)  View
60366 10699 CVE-2011-4197 https://github.com/bsdperimeter/pfsense/commit/1379d66f11aaf72982a70287b83e24efcd18898e  View
60367 10699 CVE-2011-4197 https://github.com/bsdperimeter/pfsense/commit/87b4deb2b2dae9013e6aa0fe490d6a5a04a27894  View
60368 10699 CVE-2011-4197 https://www.trustmatta.com/advisories/MATTA-2011-001.txt  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
33370 JVNDB-2011-003610 pfSense における証明書を作成される脆弱性 pfSense の PKI 実装における etc/inc/certs.inc には、CA basic constraint を true 値とする X.509 証明書を作成することで、任意のサブジェクトを含む中間証明書を作成される脆弱性が存在します。 CVE-2011-4197 52104 CVE-2011-4197 10699 7.5 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003610.html 2011-12-20 2012-01-06 View