Back to search
CVE-2019-19270
Published: Nov 26, 2019
Modified: Aug 5, 2024
PUBLISHED
Description
An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entry (checking twice for subject, rather than once for subject and once for issuer) prevents some valid CRLs from being taken into account, and can allow clients whose certificates have been revoked to proceed with a connection to the server.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://github.com/proftpd/proftpd/issues/859
x_refsource_MISC
FEDORA-2019-65a983b8b6
vendor-advisory
x_refsource_FEDORA
FEDORA-2019-bfacf1e958
vendor-advisory
x_refsource_FEDORA
openSUSE-SU-2020:0031
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now