SSL Server Spoofing Vulnerability in Apple iOS

SSL Server Spoofing Vulnerability in Apple iOS

CVE-2011-0228 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The Data Security component in Apple iOS before 4.2.10 and 4.3.x before 4.3.5 does not check the basicConstraints parameter during validation of X.509 certificate chains, which allows man-in-the-middle attackers to spoof an SSL server by using a non-CA certificate to sign a certificate for an arbitrary domain.

Learn more about our Cis Benchmark Audit For Apple Ios.