Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2008-5077

Опубликовано: 07 янв. 2009
Источник: redhat

Описание

OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.

Ссылки на источники

Дополнительная информация

Статус:

Important
https://bugzilla.redhat.com/show_bug.cgi?id=476671OpenSSL Incorrect checks for malformed signatures

Связанные уязвимости

ubuntu логотип

CVE-2008-5077

ubuntu
почти 17 лет назад

OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.

nvd логотип

CVE-2008-5077

nvd
почти 17 лет назад

OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.

debian логотип

CVE-2008-5077

debian
почти 17 лет назад

OpenSSL 0.9.8i and earlier does not properly check the return value fr ...

github логотип

GHSA-5fwv-px3v-6qxv

github
больше 3 лет назад

OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.

oracle-oval логотип

ELSA-2009-0004

oracle-oval
почти 17 лет назад

ELSA-2009-0004: openssl security update (IMPORTANT)