exploitDog

CVE-2009-0129

Опубликовано: 11 янв. 2009

Источник: redhat

EPSS Низкий

Описание

libcrypt-openssl-dsa-perl does not properly check the return value from the OpenSSL DSA_verify and DSA_do_verify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

Ссылки на источники

Дополнительная информация

Статус:

Important

https://bugzilla.redhat.com/show_bug.cgi?id=486012perl-Crypt-OpenSSL-DSA: do_verify() doesn't fail on errors in OpenSSL DSA_do_verify()

EPSS

Процентиль: 23%

0.00075

Низкий

Связанные уязвимости

CVE-2009-0129

ubuntu

почти 17 лет назад

libcrypt-openssl-dsa-perl does not properly check the return value from the OpenSSL DSA_verify and DSA_do_verify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

CVE-2009-0129

nvd

почти 17 лет назад

libcrypt-openssl-dsa-perl does not properly check the return value from the OpenSSL DSA_verify and DSA_do_verify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

CVE-2009-0129

debian

почти 17 лет назад

libcrypt-openssl-dsa-perl does not properly check the return value fro ...

GHSA-cvwp-gwp2-6xqh

github

больше 3 лет назад

libcrypt-openssl-dsa-perl does not properly check the return value from the OpenSSL DSA_verify and DSA_do_verify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

EPSS

Процентиль: 23%

0.00075

Низкий