PT-2009-2820 · Openssl+1 · Openssl+1
Jan Lieskovsky
·
Publicado
2009-01-15
·
Atualizado
2024-08-07
·
CVE-2009-0127
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
M2Crypto (affected versions not specified)
Description
The issue is related to the improper checking of return values from certain OpenSSL functions, which could potentially allow remote attackers to bypass certificate chain validation via a malformed SSL/TLS signature.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Improper Authentication
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Debian
Openssl