Buffer overflow in the ssl_prcert function in the SSLway filter (sslway.c) for DeleGate 8.9.2 and earlier allows remote attackers to execute arbitrary code via a certificate with a long (1) subject or (2) issuer name field.
2004-05-06T04:00:00.000
2025-04-03T01:03:51.193
Deferred
CVSSv2: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | delegate | delegate | 7.7.0 | Yes |
| Application | delegate | delegate | 7.7.1 | Yes |
| Application | delegate | delegate | 7.8.0 | Yes |
| Application | delegate | delegate | 7.8.1 | Yes |
| Application | delegate | delegate | 7.8.2 | Yes |
| Application | delegate | delegate | 7.9.11 | Yes |
| Application | delegate | delegate | 8.3.3 | Yes |
| Application | delegate | delegate | 8.3.4 | Yes |
| Application | delegate | delegate | 8.4.0 | Yes |
| Application | delegate | delegate | 8.5.0 | Yes |
| Application | delegate | delegate | 8.9 | Yes |
| Application | delegate | delegate | 8.9.1 | Yes |
| Application | delegate | delegate | 8.9.2 | Yes |