Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2009-5138HistoryMar 07, 2014 - 12:10 a.m.
CVE-2009-5138
2014-03-0700:10:53
Debian Security Bug Tracker
security-tracker.debian.org
13
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.007 Low
EPSS
Percentile
79.5%
GnuTLS before 2.7.6, when the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag is not enabled, treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates, a different vulnerability than CVE-2014-1959.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | gnutls28 | < 3.7.9-2+deb12u3 | gnutls28_3.7.9-2+deb12u3_all.deb |
| Debian | 11 | all | gnutls28 | < 3.7.1-5+deb11u5 | gnutls28_3.7.1-5+deb11u5_all.deb |
| Debian | 999 | all | gnutls28 | < 3.8.5-4 | gnutls28_3.8.5-4_all.deb |
| Debian | 13 | all | gnutls28 | < 3.8.5-4 | gnutls28_3.8.5-4_all.deb |
Related
cve
cve
CVE-2009-5138
2014-03-07 00:10:53
CVE-2014-1959
2014-03-07 00:10:57
prion
prion
Code injection
2014-03-07 00:10:00
Design/Logic Flaw
2014-03-07 00:10:00
nvd
nvd
CVE-2009-5138
2014-03-07 00:10:53
CVE-2014-1959
2014-03-07 00:10:57
cvelist
cvelist
CVE-2009-5138
2014-03-06 18:00:00
CVE-2014-1959
2014-03-06 18:00:00
veracode
veracode
Authorization Bypass
2019-01-15 08:58:06
ubuntucve
ubuntucve
CVE-2009-5138
2014-03-07 00:00:00
CVE-2014-1959
2014-02-21 00:00:00
f5
f5
K15623 : GnuTLS vulnerability CVE-2009-5138
2014-10-17 00:00:00
SOL15623 - GnuTLS vulnerability CVE-2009-5138
2014-09-26 00:00:00
openvas
openvas
Fedora Update for gnutls FEDORA-2014-2580
2014-02-20 00:00:00
Fedora Update for mingw-gnutls FEDORA-2014-2583
2014-02-25 00:00:00
Fedora Update for gnutls FEDORA-2014-2580
2014-02-20 00:00:00
securityvulns
securityvulns
[USN-2121-1] GnuTLS vulnerability
2014-02-28 00:00:00
GnuTLS certificates validation vulnerability
2014-02-28 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: gnutls-3.1.20-3.fc20
2014-02-17 21:09:19
[SECURITY] Fedora 20 Update: mingw-gnutls-3.1.21-1.fc20
2014-02-24 12:28:51
[SECURITY] Fedora 19 Update: mingw-gnutls-3.1.21-1.fc19
2014-02-24 12:35:59
mageia
mageia
Updated gnutls packages fix security vulnerability
2014-02-16 17:32:37
nessus
nessus
Fedora 19 : mingw-gnutls-3.1.21-1.fc19 (2014-2565)
2014-02-25 00:00:00
Debian DSA-2866-1 : gnutls26 - certificate verification flaw
2014-02-24 00:00:00
Fedora 20 : mingw-gnutls-3.1.21-1.fc20 (2014-2583)
2014-02-25 00:00:00
debian
debian
[BSA-093] Security Update for gnutls28
2014-02-22 14:11:49
[SECURITY] [DSA 2866-1] gnutls26 security update
2014-02-22 12:39:10
[SECURITY] [DSA 2866-1] gnutls26 security update
2014-02-22 12:39:10
debiancve
debiancve
CVE-2014-1959
2014-03-07 00:10:57
slackware
slackware
gnutls
2014-02-19 20:24:06
checkpoint_advisories
checkpoint_advisories
ubuntu
ubuntu
GnuTLS vulnerability
2014-02-25 00:00:00
suse
suse
Security update for gnutls (critical)
2014-03-04 01:06:51
Security update for gnutls (critical)
2014-03-04 01:08:22
Security update for gnutls (critical)
2014-03-04 01:04:17
ibm
ibm
centos
centos
gnutls security update
2014-03-04 20:51:10
redhat
redhat
(RHSA-2014:0247) Important: gnutls security update
2014-03-03 00:00:00
freebsd
freebsd
gnutls -- multiple certificate verification issues
2014-03-03 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package gnutls30 version 2.12.23-alt2
2014-03-05 00:00:00
Security fix for the ALT Linux 9 package gnutls30 version 2.12.23-alt2
2014-03-05 00:00:00
gentoo
gentoo
GnuTLS: Multiple vulnerabilities
2014-06-13 00:00:00
oraclelinux
oraclelinux
gnutls security update
2014-03-03 00:00:00
gnutls security update
2014-06-03 00:00:00
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.007 Low
EPSS
Percentile
79.5%
Related for DEBIANCVE:CVE-2009-5138