Описание
Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 0.6.3-4ubuntu1.1 |
| devel | not-affected | 2.2.1-2build1 |
| gutsy | released | 2.0.0-1ubuntu1.1 |
| hardy | released | 2.1.1-2ubuntu1.1 |
| intrepid | released | 2.2.0-1ubuntu0.1 |
| upstream | released | 2.2.1-2 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
Lasso 2.2.1 and earlier does not properly check the return value from ...
Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить целостность защищаемой информации
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить целостность защищаемой информации
EPSS
4.3 Medium
CVSS2