Thursday, September 2, 2010

Multiple Browser Wildcard Certificate: Validation Weakness

Users of multiple browsers: please be advised that a wildcard certificate validation weakness has been identified.

To view this vulnerability, possible remedies, and others, please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx).

Amplify’d from www.criticalwatch.com
wp-10-0001: Multiple Browser Wildcard Certificate Validation Weakness
Details
-------

RFC 2818 covers the requirements for matching CNs and subjectAltNames
in order to establish valid SSL connections. It first discusses CNs
that are for hostnames, and the rules for wildcards in this case.
The next paragraph in the RFC then discusses CNs that are IP
addresses:

'In some cases, the URI is specified as an IP address rather than a
hostname. In this case, the iPAddress subjectAltName must be present
in the certificate and must exactly match the IP in the URI.'

Read more at www.criticalwatch.com
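The matching rule quoted above, as an added example that is not part of the advisory or of any browser's code: an IP address in the URI is checked only against iPAddress subjectAltName entries, while a hostname is checked against dNSName entries or, failing that, the CN, with RFC 2818 wildcards confined to a single label. The dict layout standing in for a parsed certificate, the function names and the sample values are assumptions made for illustration.

```python
import ipaddress

def as_ip(value):
    """Return a parsed address if value is an IP literal, else None."""
    try:
        return ipaddress.ip_address(value)
    except ValueError:
        return None

def label_matches(pattern, label):
    """Match one DNS label; '*' covers a whole label or a fragment of one."""
    if "*" not in pattern:
        return bool(label) and pattern == label
    prefix, _, suffix = pattern.partition("*")
    if "*" in suffix or not label:      # one wildcard per label, no empty labels
        return False
    return (len(label) >= len(prefix) + len(suffix)
            and label.startswith(prefix) and label.endswith(suffix))

def dns_matches(pattern, host):
    """Wildcards never span dots: the label counts must be equal."""
    p = pattern.lower().split(".")
    h = host.lower().rstrip(".").split(".")
    return len(p) == len(h) and all(map(label_matches, p, h))

def identity_matches(reference, cert):
    """reference: host part of the URI (IPv6 brackets already stripped).
    cert: constructed dict {'cn': str, 'san_dns': [...], 'san_ip': [...]}."""
    ref_ip = as_ip(reference)
    if ref_ip is not None:
        # IP in the URI: only iPAddress SAN entries count, compared as
        # addresses. The CN and any wildcard name are never consulted.
        return any(as_ip(e) == ref_ip for e in cert.get("san_ip", []))
    # Hostname in the URI: dNSName SANs if present, otherwise the CN.
    names = cert.get("san_dns") or [cert.get("cn", "")]
    return any(dns_matches(n, reference) for n in names)

# Constructed sample certificates (documentation names and addresses).
WILDCARD_HOST = {"cn": "*.example.test", "san_dns": [], "san_ip": []}
CN_ONLY_IP = {"cn": "192.0.2.10", "san_dns": [], "san_ip": []}
WILDCARD_IPISH = {"cn": "*.0.2.10", "san_dns": [], "san_ip": []}
IP_SAN = {"cn": "gw", "san_dns": [], "san_ip": ["192.0.2.10", "2001:db8::1"]}

if __name__ == "__main__":
    for ref, cert in [("www.example.test", WILDCARD_HOST),
                      ("192.0.2.10", CN_ONLY_IP), ("192.0.2.10", WILDCARD_IPISH),
                      ("192.0.2.10", IP_SAN), ("192.0.2.11", IP_SAN)]:
        print(ref, cert["cn"], identity_matches(ref, cert))
```

Comparing parsed addresses rather than strings means differently written forms of the same IPv6 address are treated as the same address.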
 
