PT-2009-1089 · Gnu · Gnutls

Romain Francoise · Published 2009-04-30 · Updated 2017-08-17 · CVE-2009-1417

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

GnuTLS versions prior to 2.6.6

Description

The issue affects the gnutls package in Gentoo Linux, allowing remote attackers to exploit multiple vulnerabilities and compromise the confidentiality, integrity, and availability of protected information. Specifically, gnutls-cli in GnuTLS does not verify the activation and expiration times of X.509 certificates, enabling attackers to present invalid or expired certificates. This is related to the lack of time checks in the _gnutls_x509_verify_certificate function.

Recommendations

For versions prior to 2.6.6, update to version 2.6.6 or later to resolve the issue. As a temporary workaround, consider restricting the use of the _gnutls_x509_verify_certificate function until a patch is available. Additionally, ensure proper verification of X.509 certificate activation and expiration times to minimize the risk of exploitation.
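
The time check that the recommendation asks for can be sketched as follows. This is an added example, not GnuTLS code: the struct and function names are hypothetical and the timestamps in main() are constructed. In a real caller the two values would come from gnutls_x509_crt_get_activation_time() and gnutls_x509_crt_get_expiration_time(), which return (time_t)-1 on error.

```c
#include <stddef.h>
#include <stdio.h>
#include <time.h>

/* Outcome of the validity-window check (hypothetical names). */
enum validity { CERT_TIME_OK = 0, CERT_NOT_YET_VALID, CERT_EXPIRED,
                CERT_TIME_UNREADABLE, CERT_CHAIN_EMPTY };

/* Hypothetical holder for one certificate's notBefore / notAfter. */
struct cert_times {
    time_t activation;  /* notBefore */
    time_t expiration;  /* notAfter  */
};

/* Check one certificate against `now`; an unreadable field fails closed. */
enum validity check_validity(const struct cert_times *c, time_t now)
{
    if (c->activation == (time_t)-1 || c->expiration == (time_t)-1)
        return CERT_TIME_UNREADABLE;
    if (now < c->activation)
        return CERT_NOT_YET_VALID;
    if (now > c->expiration)
        return CERT_EXPIRED;
    return CERT_TIME_OK;  /* both bounds are inclusive */
}

/* Check every certificate in a chain (leaf first). Returns CERT_TIME_OK only
 * if all pass; otherwise the first failure, with its index in *bad_index. */
enum validity check_chain_validity(const struct cert_times *chain, size_t n,
                                   time_t now, size_t *bad_index)
{
    if (n == 0)
        return CERT_CHAIN_EMPTY;  /* nothing to trust */
    for (size_t i = 0; i < n; i++) {
        enum validity v = check_validity(&chain[i], now);
        if (v != CERT_TIME_OK) {
            *bad_index = i;
            return v;
        }
    }
    return CERT_TIME_OK;
}

int main(void)
{
    /* Constructed sample: leaf expired in 2009, issuer valid until 2038. */
    struct cert_times chain[2] = { {1230768000, 1241049600}, {0, 2147483647} };
    size_t bad = 0;
    enum validity v = check_chain_validity(chain, 2, time(NULL), &bad);
    printf("result=%d index=%zu\n", (int)v, bad);
    return v == CERT_TIME_OK ? 0 : 1;
}
```

A check like this complements signature and chain verification; it does not replace them.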

Fix

Access of Uninitialized Pointer

Weakness Enumeration

Related Identifiers

BDU:2015-09391
CVE-2009-1417

Affected Products

Gnutls