PT-2009-2823 · Ericsson+2 · Erlang+2

Jan Lieskovsky · Published 2009-01-15 · Updated 2025-01-21 · CVE-2009-0130

CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions: Erlang (affected versions not specified)

Description: The issue stems from improper checking of the return value of the OpenSSL DSA_do_verify function in Erlang's crypto_drv.c module. This might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature. Note, however, that a package maintainer disputes this issue, stating that the applicable part of the code does contain a proper check.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
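The defect class described above is a three-valued return code being tested as if it were boolean. OpenSSL's DSA_do_verify returns 1 when the signature verifies, 0 when it does not, and -1 when an error occurs (for example, a malformed signature encoding), so a caller that accepts any non-zero result will accept an error as a successful verification. The following is an added example written for this entry; it is not code from Erlang/OTP or from crypto_drv.c, and whether Erlang's code actually had the defect is disputed on the page. To run without libcrypto it uses a constructed stand-in, `fake_dsa_do_verify`, with the same 1/0/-1 contract, and contrasts the defective check with the correct one.

```c
#include <stdio.h>

/* OpenSSL's DSA_do_verify() uses a three-valued result:
 *   1  = signature valid
 *   0  = signature invalid
 *  -1  = an error occurred (e.g. malformed signature encoding)
 * The function below is a constructed stand-in with the same contract so
 * the example runs without libcrypto; it is not Erlang's code. */
enum { SIG_VALID = 1, SIG_INVALID = 0, SIG_ERROR = -1 };

/* Stand-in: a one-byte "signature" where 1 verifies, 0 fails, and any
 * other value is treated as a malformed encoding that yields -1. */
static int fake_dsa_do_verify(unsigned char sig_byte) {
    if (sig_byte == 1) return SIG_VALID;
    if (sig_byte == 0) return SIG_INVALID;
    return SIG_ERROR;
}

/* Defective pattern: any non-zero result is treated as success.
 * Since -1 is non-zero, a malformed signature is accepted. */
int accept_signature_buggy(unsigned char sig_byte) {
    return fake_dsa_do_verify(sig_byte) ? 1 : 0;
}

/* Correct pattern: only an explicit 1 means the signature verified;
 * both 0 (invalid) and -1 (error) are rejected. */
int accept_signature_fixed(unsigned char sig_byte) {
    return fake_dsa_do_verify(sig_byte) == SIG_VALID ? 1 : 0;
}

int main(void) {
    /* Constructed inputs: a valid, an invalid, and a malformed signature. */
    unsigned char cases[] = {1, 0, 0xff};
    for (size_t i = 0; i < sizeof cases; i++) {
        printf("sig=0x%02x buggy_accepts=%d fixed_accepts=%d\n", cases[i],
               accept_signature_buggy(cases[i]),
               accept_signature_fixed(cases[i]));
    }
    return 0;
}
```

The same `== 1` comparison applies to the other OpenSSL verification entry points that share this return convention; a code-review check for this bug class is to search for `*_verify(` calls whose result is used directly as a truth value.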

Exploit

Improper Authentication

Weakness Enumeration

Related Identifiers
CVE-2009-0130

Affected Products
Debian
Erlang
Openssl