Detections
Analytics

Google Chrome < 13.0.782.218 Out of Date CA List (deprecated)

medium Nessus Network Monitor Plugin ID 6020

Synopsis

The remote host contains a web browser that uses an out of date certificate authority list.

Description

Versions of Google Chrome earlier than 13.0.782.218 use an out of date certificate authority list. Due to the issuance of several fraudulent SSL certificates, the certificate authority DigiNotar has been disabled in Google Chrome.

Solution

Upgrade to Google Chrome 13.0.782.218 or later.

See Also

http://googlechromereleases.blogspot.com/2011/08/stable-update.html

http://googleonlinesecurity.blogspot.com/2011/08/update-on-attempted-man-in-middle.html

http://codereview.chromium.org/7791032/diff/2001/net/base/x509_certificate.cc

Plugin Details

Severity: Medium

ID: 6020

Family: Web Clients

Published: 8/31/2011

Updated: 1/15/2016

Nessus ID: 56023

Vulnerability Information

CPE: cpe:/a:google:chrome

Patch Publication Date: 8/30/2011

Vulnerability Publication Date: 8/29/2011