Show filters
18 Total Results
Displaying 11-18 of 18
Sort by:
Attacker Value
Unknown

CVE-2009-0050

Disclosure Date: January 07, 2009 (last updated October 04, 2023)
Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
0
0
Attacker Value
Unknown

CVE-2009-0049

Disclosure Date: January 07, 2009 (last updated October 04, 2023)
Belgian eID middleware (eidlib) 2.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077.
0
0
Attacker Value
Unknown

CVE-2009-0047

Disclosure Date: January 07, 2009 (last updated October 04, 2023)
Gale 0.99 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077.
0
0
Attacker Value
Unknown

CVE-2009-0051

Disclosure Date: January 07, 2009 (last updated October 04, 2023)
ZXID 0.29 and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
0
0
Attacker Value
Unknown

CVE-2009-0046

Disclosure Date: January 07, 2009 (last updated October 04, 2023)
Sun GridEngine 5.3 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077.
0
0
Attacker Value
Unknown

CVE-2009-0025

Disclosure Date: January 07, 2009 (last updated October 04, 2023)
BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
0
0
Attacker Value
Unknown

CVE-2008-5077

Disclosure Date: January 07, 2009 (last updated October 04, 2023)
OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.
0
0
Attacker Value
Unknown

CVE-2009-0021

Disclosure Date: January 07, 2009 (last updated October 04, 2023)
NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077.
0
0
View More Topics  < Previous