Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2009-0049

Опубликовано: 07 янв. 2009
Источник: nvd
CVSS2: 5
EPSS Низкий

Описание

Belgian eID middleware (eidlib) 2.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:eid:eidlib:*:*:*:*:*:*:*:*
Версия до 2.6.0 (включая)

EPSS

Процентиль: 32%
0.0012
Низкий

5 Medium

CVSS2

Дефекты

CWE-287

Связанные уязвимости

ubuntu логотип

CVE-2009-0049

ubuntu
почти 17 лет назад

Belgian eID middleware (eidlib) 2.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077.

debian логотип

CVE-2009-0049

debian
почти 17 лет назад

Belgian eID middleware (eidlib) 2.6.0 and earlier does not properly ch ...

github логотип

GHSA-j42w-rpgw-49cw

github
больше 3 лет назад

Belgian eID middleware (eidlib) 2.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077.

EPSS

Процентиль: 32%
0.0012
Низкий

5 Medium

CVSS2

Дефекты

CWE-287