IETF X.509 Certificate Signature vpn concentrator 3015 vulnerability

Unanswered Question
Mar 31st, 2009
User Badges:

Hi to all,

I have a VPN Concentrator Type: 3015 with the Software Rev: Cisco Systems, Inc./VPN 3000 Concentrator Version 4.1.2.Rel Feb 26 2004 14:09:47 and the vulnerability department found this during a test:

IETF X.509 Certificate Signature Collision Vulnerability, A vulnerability exists in X.509 certificates which, when signed using message-digest algorithms that allow collisions, may allow for phishing attacks.

Do you know what can be done to solve this vulnerability???

Thanks in advance for your help.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion