Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2009-0265

Опубликовано: 26 янв. 2009
Источник: ubuntu
Приоритет: low
CVSS2: 5
CVSS3: 7.5

Описание

Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and CVE-2009-0025.

РелизСтатусПримечание
dapper

not-affected

1:9.3.2-2ubuntu1.6
devel

not-affected

1:9.5.0.dfsg.P2-5ubuntu1
gutsy

not-affected

1:9.4.1-P1-3ubuntu2.1
hardy

not-affected

1:9.4.2.dfsg.P2-2ubuntu0.1
intrepid

not-affected

1:9.5.0.dfsg.P2-1ubuntu3.1
upstream

released

9.6.0-P1

Показывать по

Ссылки на источники

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2009-0265

CVSS3: 7.5
nvd
почти 17 лет назад

Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and CVE-2009-0025.

debian логотип

CVE-2009-0265

CVSS3: 7.5
debian
почти 17 лет назад

Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not prop ...

github логотип

GHSA-mrwj-9mpp-w94q

CVSS3: 7.5
github
больше 3 лет назад

Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and CVE-2009-0025.

5 Medium

CVSS2

7.5 High

CVSS3