Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2009-0025

Опубликовано: 07 янв. 2009
Источник: redhat
CVSS2: 4.3

Описание

BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=478984bind: DSA_do_verify() returns check issue

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2009-0025

ubuntu
около 17 лет назад

BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

nvd логотип

CVE-2009-0025

nvd
около 17 лет назад

BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

debian логотип

CVE-2009-0025

debian
около 17 лет назад

BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check t ...

github логотип

GHSA-hcwf-6ghh-6m6f

github
почти 4 года назад

BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

oracle-oval логотип

ELSA-2009-0020

oracle-oval
около 17 лет назад

ELSA-2009-0020: bind security update (MODERATE)

4.3 Medium

CVSS2