Описание
plugins/crypto/openssl/crypto_openssl.c in Simple Linux Utility for Resource Management (aka SLURM or slurm-llnl) does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 1.3.15-1 |
| gutsy | DNE | |
| hardy | ignored | end of life |
| intrepid | released | 1.3.6-1lenny3build0.8.10.1 |
| jaunty | not-affected | 1.3.13-1 |
| karmic | not-affected | 1.3.15-1 |
| lucid | not-affected | 1.3.15-1 |
| maverick | not-affected | 1.3.15-1 |
| natty | not-affected | 1.3.15-1 |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
plugins/crypto/openssl/crypto_openssl.c in Simple Linux Utility for Resource Management (aka SLURM or slurm-llnl) does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
plugins/crypto/openssl/crypto_openssl.c in Simple Linux Utility for Re ...
plugins/crypto/openssl/crypto_openssl.c in Simple Linux Utility for Resource Management (aka SLURM or slurm-llnl) does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
EPSS
5 Medium
CVSS2