• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

yaSSL Unspecified Certificate Chain Processing Vulnerability

yaSSL is susceptible to an unspecified certificate chain processing vulnerability. No further details regarding this issue are currently available.

This issue may allow improper certificates to be used when authenticating connections. An attacker may use forged certificates to carry out various attacks.

It is conjectured that a malicious Web site could take advantage of this by posing as a trusted Web site in phishing style attacks. This could lead to users taking actions such as authenticating or submitting sensitive or private information.

Further information about this issue and its impacts are not currently available. This BID will be updated as further information becomes available.