Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
PostgreSQL Improper Certificate Validation Vulnerability - CVE-2012-0867 - Vulnerability Database
PostgreSQL

PostgreSQL Improper Certificate Validation Vulnerability - CVE-2012-0867

Medium
Reference: CVE-2012-0867
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2012-0867
Title: PostgreSQL Improper Certificate Validation Vulnerability
Overview:

PostgreSQL 8.4.x before 8.4.11 9.0.x before 9.0.7 and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates which allows remote attackers to spoof connections when the host name is exactly 32 characters.