5.8
CVE-2009-2474
- EPSS 1.38%
- Veröffentlicht 21.08.2009 17:30:00
- Zuletzt bearbeitet 16.06.2026 23:09:31
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Canonical ≫ Ubuntu Linux Version6.06 SwEditionlts
Canonical ≫ Ubuntu Linux Version8.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version8.10
Canonical ≫ Ubuntu Linux Version9.04
Fedoraproject ≫ Fedora Version10
Fedoraproject ≫ Fedora Version11
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.38% | 0.685 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:P/I:P/A:N
|
CWE-326 Inadequate Encryption Strength
The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.
http://secunia.com/advisories/36799
http://www.ubuntu.com/usn/usn-835-1
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
http://support.apple.com/kb/HT4435
http://lists.manyfish.co.uk/pipermail/neon/2009-August/001044.html
http://secunia.com/advisories/36371
http://www.mandriva.com/security/advisories?name=MDVSA-2009:221
http://www.vupen.com/english/advisories/2009/2341
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00924.html
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00945.html
http://lists.manyfish.co.uk/pipermail/neon/2009-August/001046.html
http://www.securityfocus.com/bid/36079
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11721