Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2009-3291

Опубликовано: 22 сент. 2009
Источник: debian
EPSS Низкий

Описание

The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
php5fixed5.2.11.dfsg.1-1package
php5no-dsalennypackage
php5no-dsaetchpackage

Примечания

  • seems to be related to handling of \0 on CN

  • not worth a dsa on its own, php doesn't verify certificates by default

  • experimental is likely to be affected (as of 5.3.0)

EPSS

Процентиль: 82%
0.01865
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2009-3291

ubuntu
почти 16 лет назад

The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates.

redhat логотип

CVE-2009-3291

redhat
почти 16 лет назад

The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates.

nvd логотип

CVE-2009-3291

nvd
почти 16 лет назад

The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates.

github логотип

GHSA-pj82-fpwx-65j3

github
около 3 лет назад

The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates.

oracle-oval логотип

ELSA-2010-0040

oracle-oval
больше 15 лет назад

ELSA-2010-0040: php security update (MODERATE)

EPSS

Процентиль: 82%
0.01865
Низкий