From: Andreas F. <fun...@gm...> - 2013-09-15 10:13:23
|
On the public interface when entering a string value longer than 12 chars in the serial number field (on "Install My Certificate"), perl crashes with a buffer overflow and an internal server error is displayed. However the error does not occur on any length if only numerical characters are entered. I am not the big hacker but you could potentially compromise the CA with that. |