CVE-2007-5810

Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote attackers to spoof authentication via a client certificate with a forged signature.

Link	Resource
http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html	Patch
http://secunia.com/advisories/27421	Patch Vendor Advisory
http://www.securityfocus.com/bid/26271
http://osvdb.org/42026
http://www.vupen.com/english/advisories/2007/3666

Configuration 1

cpe:2.3:a:hitachi:web_server:02_02:*:hpux(ipf):*:*:*:*:* cpe:2.3:a:hitachi:ucosminexus_application_server_standard:*:*:*:*:*:*:*:* cpe:2.3:a:hitachi:ucosminexus_developer_standard:*:*:*:*:*:*:*:* cpe:2.3:a:hitachi:web_server:01_02_d:*:hpux:*:*:*:*:* cpe:2.3:a:hitachi:web_server:02_00:*:solaris:*:*:*:*:* cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:*:*:*:*:*:*:*:* cpe:2.3:a:hitachi:web_server:02_04_b:*:hpux(ipf):*:*:*:*:* cpe:2.3:a:hitachi:ucosminexus_developer_light:*:*:*:*:*:*:*:* cpe:2.3:a:hitachi:cosminexus_developer_standard_version_6:*:*:*:*:*:*:*:* cpe:2.3:a:hitachi:ucosminexus_service_platform:*:*:*:*:*:*:*:* cpe:2.3:a:hitachi:web_server:02_00:*:turbolinux:*:*:*:*:* cpe:2.3:a:hitachi:web_server:03_00:*:hpux(ipf):*:*:*:*:* cpe:2.3:a:hitachi:web_server:02_04_b:*:hpux:*:*:*:*:* cpe:2.3:a:hitachi:web_server:02_02:*:hpux:*:*:*:*:* cpe:2.3:a:hitachi:cosminexus_application_server_standard:*:*:*:*:*:*:*:* cpe:2.3:a:hitachi:web_server:01_02_e:*:aix:*:*:*:*:* cpe:2.3:a:hitachi:cosminexus_server:*:*:*:*:*:*:*:* cpe:2.3:a:hitachi:web_server:03_00_01:*:solaris:*:*:*:*:* cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:*:*:*:*:*:*:*:* cpe:2.3:a:hitachi:ucosminexus_developer_professional:*:*:*:*:*:*:*:* cpe:2.3:a:hitachi:web_server:02_02:*:linux:*:*:*:*:* cpe:2.3:a:hitachi:web_server:02_00:*:windows:*:*:*:*:* cpe:2.3:a:hitachi:web_server:01_00:*:solaris:*:*:*:*:* cpe:2.3:a:hitachi:web_server:03_00:*:aix:*:*:*:*:* cpe:2.3:a:hitachi:web_server:01_01:*:turbolinux:*:*:*:*:* cpe:2.3:a:hitachi:cosminexus_developer_professional_version_6:*:*:*:*:*:*:*:* cpe:2.3:a:hitachi:web_server:02_06_a:*:linux:*:*:*:*:* cpe:2.3:a:hitachi:cosminexus_developer_light_version_6:*:*:*:*:*:*:*:* cpe:2.3:a:hitachi:web_server:01_01:*:aix:*:*:*:*:* cpe:2.3:a:hitachi:web_server:03_00:*:windows:*:*:*:*:* cpe:2.3:a:hitachi:web_server:01_01:*:linux:*:*:*:*:* cpe:2.3:a:hitachi:web_server:02_04_b:*:windows:*:*:*:*:* cpe:2.3:a:hitachi:web_server:01_00:*:hpux:*:*:*:*:* cpe:2.3:a:hitachi:web_server:02_00:*:linux:*:*:*:*:* cpe:2.3:a:hitachi:web_server:02_00_a:*:linux:*:*:*:*:* cpe:2.3:a:hitachi:web_server:02_00:*:aix:*:*:*:*:* cpe:2.3:a:hitachi:web_server:01_01_d:*:linux:*:*:*:*:* cpe:2.3:a:hitachi:web_server:02_04_b:*:aix:*:*:*:*:* cpe:2.3:a:hitachi:web_server:02_00:*:hpux:*:*:*:*:* cpe:2.3:a:hitachi:web_server:03_00_01:*:windows:*:*:*:*:* cpe:2.3:a:hitachi:web_server:01_02_d:*:solaris:*:*:*:*:* cpe:2.3:a:hitachi:web_server:02_04_b:*:solaris:*:*:*:*:* cpe:2.3:a:hitachi:web_server:03_00:*:linux:*:*:*:*:* cpe:2.3:a:hitachi:ucosminexus_service_architect:*:*:*:*:*:*:*:*

---

Published : 2007-11-05 05:46

Updated : 2011-03-08 03:01

---

NVD link : CVE-2007-5810

Mitre link : CVE-2007-5810

No products.

CWE-20