> One way to exploit this flaw would be for a remote attacker who is in control of a malicious server or who can use a 'man in the middle' attack to present a malformed SSL/TLS signature from a certificate chain to a vulnerable client, bypassing validation.
In my opinion, this statement is not very clear. After reading the advisory, I was under the impression that the validation of the DSA/ECDSA signature of the SSL/TLS server certificate could be bypassed.
After looking into the code more closely, I am pretty confident that this is not possible. However, I do realize that the validation of the signatures in the SSL/TLS protocol messages can be bypassed, possibly allowing an attacker to take part in the key exchange process.
Are these assumptions correct? Thanks.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org