exploitDog

CVE-2009-0025

Опубликовано: 07 янв. 2009

Источник: redhat

CVSS2: 4.3

EPSS Низкий

Описание

BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=478984bind: DSA_do_verify() returns check issue

EPSS

Процентиль: 88%

0.03902

Низкий

4.3 Medium

CVSS2

Связанные уязвимости

CVE-2009-0025

ubuntu

больше 16 лет назад

BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

CVE-2009-0025

nvd

больше 16 лет назад

BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

CVE-2009-0025

debian

больше 16 лет назад

BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check t ...

GHSA-hcwf-6ghh-6m6f

github

больше 3 лет назад

BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

ELSA-2009-0020

oracle-oval

больше 16 лет назад

ELSA-2009-0020: bind security update (MODERATE)

EPSS

Процентиль: 88%

0.03902

Низкий

4.3 Medium

CVSS2