Detections
Analytics

SSL Certificate Chain Contains Illegitimate TURKTRUST Intermediate CA

medium Nessus Plugin ID 63398

Language:

Synopsis

The SSL certificate chain for this service is not to be trusted.

Description

The X.509 certificate chain sent by the remote host either contains or is signed by an intermediate Certificate Authority (CA) that was accidentally issued by TURKTRUST.

Certificate chains descending from this intermediate CA could allow an attacker to perform man-in-the-middle attacks and decode traffic.

Solution

Ensure that your software or operating system blacklists the intermediate CAs.

See Also

http://www.nessus.org/u?3af8d914

http://www.nessus.org/u?c28f2792

http://www.nessus.org/u?d92931ec

http://www.turktrust.com.tr/kamuoyu-aciklamasi.2.html

Plugin Details

Severity: Medium

ID: 63398

File Name: ssl_turktrust.nasl

Version: 1.6

Type: remote

Family: General

Published: 1/7/2013

Updated: 6/16/2025

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

CVSS Score Rationale: Score from an in depth analysis done by tenable

CVSS v2

Risk Factor: Medium

Base Score: 4

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N

CVSS Score Source: manual

Vulnerability Information

Required KB Items: Settings/ParanoidReport, SSL/Supported

Vulnerability Publication Date: 12/26/2012