RSS   Vulnerabilities for 'Openntpd'   RSS

2017-01-31
 
CVE-2016-5117

 

 
OpenNTPD before 6.0p1 does not validate the CN for HTTPS constraint requests, which allows remote attackers to bypass the man-in-the-middle mitigations via a crafted timestamp constraint with a valid certificate.

 


Copyright 2024, cxsecurity.com

 

Back to Top