Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2009-5146

Опубликовано: 16 мар. 2015
Источник: redhat
CVSS2: 5

Описание

[REJECTED CVE] A memory leak flaw was fix in the hostname TLS extension. This flaw was introduced with the backport of the TLS extension code first introduced in version 0.9.8k of openssl.

Отчет

This issue did not affect any versions of OpenSSL as shipped with Red Hat Enterprise Linux 5, 6, and 7. Also, this CVE has been rejected, because investigation showed that it was not a security issue. Red Hat has evaluated this issue and determined that it does not meet the criteria to be classified as a security vulnerability. This assessment is based on the issue not posing a significant security risk, being a result of misconfiguration or usage error, or falling outside the scope of security considerations. As such, this CVE has been marked as "Rejected" in alignment with Red Hat's vulnerability management policies. If you have additional information or concerns regarding this determination, please contact Red Hat Product Security for further clarification.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5opensslNot affected
Red Hat Enterprise Linux 5openssl097aNot affected
Red Hat Enterprise Linux 6opensslNot affected
Red Hat Enterprise Linux 6openssl098eNot affected
Red Hat Enterprise Linux 7opensslNot affected
Red Hat Enterprise Linux 7openssl098eNot affected
Red Hat Enterprise Virtualization 3mingw-virt-viewerNot affected
Red Hat JBoss Enterprise Application Platform 6opensslNot affected
Red Hat JBoss Enterprise Web Server 1opensslNot affected
Red Hat JBoss Enterprise Web Server 2opensslNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Дефект:
CWE-401
https://bugzilla.redhat.com/show_bug.cgi?id=1203232openssl: memory leak in hostname TLS extension

5 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2009-5146

ubuntu
почти 6 лет назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none

nvd логотип

CVE-2009-5146

nvd
почти 6 лет назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none

suse-cvrf логотип

SUSE-SU-2015:0553-2

suse-cvrf
почти 11 лет назад

Security update for compat-openssl098

suse-cvrf логотип

SUSE-SU-2015:0553-1

suse-cvrf
почти 11 лет назад

Security update for compat-openssl098

suse-cvrf логотип

SUSE-SU-2015:1182-2

suse-cvrf
около 11 лет назад

Security update for OpenSSL

5 Medium

CVSS2