Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2008-5077

Опубликовано: 07 янв. 2009
Источник: ubuntu
Приоритет: high
EPSS Низкий
CVSS2: 5.8

Описание

OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.

РелизСтатусПримечание
dapper

released

0.9.8a-7ubuntu0.6
devel

released

0.9.8g-14ubuntu2
gutsy

released

0.9.8e-5ubuntu3.3
hardy

released

0.9.8g-4ubuntu3.4
intrepid

released

0.9.8g-10.1ubuntu2.1
upstream

released

0.9.8j

Показывать по

Ссылки на источники

EPSS

Процентиль: 77%
0.01066
Низкий

5.8 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2008-5077

redhat
больше 16 лет назад

OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.

nvd логотип

CVE-2008-5077

nvd
больше 16 лет назад

OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.

debian логотип

CVE-2008-5077

debian
больше 16 лет назад

OpenSSL 0.9.8i and earlier does not properly check the return value fr ...

github логотип

GHSA-5fwv-px3v-6qxv

github
около 3 лет назад

OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.

oracle-oval логотип

ELSA-2009-0004

oracle-oval
больше 16 лет назад

ELSA-2009-0004: openssl security update (IMPORTANT)

EPSS

Процентиль: 77%
0.01066
Низкий

5.8 Medium

CVSS2