Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2008-5077

Опубликовано: 07 янв. 2009
Источник: debian
EPSS Низкий

Описание

OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
opensslfixed0.9.8g-15package

EPSS

Процентиль: 78%
0.01215
Низкий

Связанные уязвимости

ubuntu
больше 16 лет назад

OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.

redhat
больше 16 лет назад

OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.

nvd
больше 16 лет назад

OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.

github
около 3 лет назад

OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.

oracle-oval
больше 16 лет назад

ELSA-2009-0004: openssl security update (IMPORTANT)

EPSS

Процентиль: 78%
0.01215
Низкий