Lucene search
GoogleOSV:DSA-1701-1HistoryJan 12, 2009 - 12:00 a.m.
openssl openssl097 - cryptographic weakness
2009-01-1200:00:00
Google
osv.dev
7
0.007 Low
EPSS
Percentile
81.0%
It was discovered that OpenSSL does not properly verify DSA signatures
on X.509 certificates due to an API misuse, potentially leading to the
acceptance of incorrect X.509 certificates as genuine (CVE-2008-5077).
For the stable distribution (etch), this problem has been fixed in
version 0.9.8c-4etch4 of the openssl package, and version
0.9.7k-3.1etch2 of the openssl097 package.
For the unstable distribution (sid), this problem has been fixed in
version 0.9.8g-15.
The testing distribution (lenny) will be fixed soon.
We recommend that you upgrade your OpenSSL packages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| openssl | eq | 0.9.8c-4 | |
| openssl | eq | 0.9.8c-4etch1 | |
| openssl | eq | 0.9.8c-4etch2 | |
| openssl | eq | 0.9.8c-4etch3 | |
| openssl | eq | 0.9.8c-4etch3+m68k1 |
References
Related
nessus
nessus
SuSE 10 Security Update : openssl (ZYPP Patch Number 5949)
2009-09-24 00:00:00
Fedora 10 : openssl-0.9.8g-12.fc10 (2009-0331)
2009-04-23 00:00:00
openSUSE Security Update : compat-openssl097g (compat-openssl097g-480)
2009-07-21 00:00:00
openvas
openvas
Fedora Core 10 FEDORA-2009-0419 (tqsllib)
2009-01-20 00:00:00
CentOS Update for openssl097a CESA-2009:0004 centos5 i386
2011-08-09 00:00:00
SLES10: Security update for compat-openssl097g
2009-10-13 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl1.1 version 0.9.8j-alt1
2009-01-08 00:00:00
Security fix for the ALT Linux 9 package openssl10 version 0.9.8j-alt1
2009-01-08 00:00:00
Security fix for the ALT Linux 8 package openssl10 version 0.9.8j-alt1
2009-01-08 00:00:00
debian
debian
[SECURITY] [DSA 1701-1] New OpenSSL packages fix cryptographic weakness
2009-01-12 20:03:29
ubuntu
ubuntu
OpenSSL vulnerability
2009-01-07 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: tqsllib-2.0-5.fc9
2009-01-15 03:07:29
[SECURITY] Fedora 10 Update: tqsllib-2.0-5.fc10
2009-01-15 02:55:49
[SECURITY] Fedora 10 Update: openssl-0.9.8g-12.fc10
2009-01-08 04:19:50
debiancve
debiancve
seebug
seebug
OpenSSL 'EVP_VerifyFinal'ε½ζ°ηΎειͺθ―ζΌζ΄
2009-01-08 00:00:00
cvelist
cvelist
gentoo
gentoo
OpenSSL: Certificate validation error
2009-02-12 00:00:00
ntp: Certificate validation error
2009-04-05 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2008-5077
2009-01-07 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-09:02.openssl
2009-01-07 00:00:00
ubuntucve
ubuntucve
suse
suse
SSL certificate checking bypass in openssl
2009-01-23 16:31:52
oraclelinux
oraclelinux
openssl security update
2009-01-07 00:00:00
centos
centos
openssl, openssl095a, openssl096 security update
2009-02-02 23:30:18
openssl, openssl096b, openssl097a security update
2009-01-07 22:28:50
veracode
veracode
Man-in-the-Middle (MitM)
2020-04-10 00:30:43
prion
prion
Input validation
2009-01-07 17:30:00
Input validation
2009-01-15 17:30:00
Design/Logic Flaw
2009-02-12 23:30:00
redhat
redhat
(RHSA-2009:0004) Important: openssl security update
2009-01-07 00:00:00
securityvulns
securityvulns
nvd
nvd
cve
cve
f5
f5
SOL9889 - NTP vulnerability CVE-2009-0021
2009-04-05 00:00:00
K9889 : NTP vulnerability CVE-2009-0021
2013-03-25 00:00:00