Topic: forged certificates

A new high-severity OpenSSL vulnerability and MapQuest developer tools–SD Times news digest: July 9, 2015

The OpenSSL team has issued a high-severity security advisory. The advisory discloses a new certificate validation vulnerability where during certificate verification, OpenSSL will attempt to find alternative certificate chains if the first validation attempt fails. The vulnerability lies in an implementation error allowing an attacker to forge an invalid certificate and bypass verification. This security issue … continue reading Protection Status