CVE-2009-5144

CVE-2009-5144 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

mod-gnutls does not validate client certificates when "GnuTLSClientVerify require" is set in a directory context, which allows remote attackers to spoof clients via a crafted certificate.

Learn more about our Web Application Penetration Testing UK.