Lucene search
Redhat.comRH:CVE-2009-0653HistoryOct 30, 2015 - 10:27 a.m.
CVE-2009-0653
2015-10-3010:27:20
redhat.com
access.redhat.com
9
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.9
Confidence
Low
EPSS
0.011
Percentile
85.0%
OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack, a related issue to CVE-2002-0970.
Related
debiancve
debiancve
CVE-2009-0653
2009-02-20 19:30:00
cvelist
cvelist
CVE-2009-0653
2009-02-20 19:00:00
CVE-2002-0970
2004-09-01 04:00:00
nvd
nvd
CVE-2009-0653
2009-02-20 19:30:00
CVE-2002-0970
2002-09-24 04:00:00
cve
cve
CVE-2009-0653
2009-02-20 19:30:00
CVE-2002-0970
2004-09-01 04:00:00
prion
prion
Sql injection
2009-02-20 19:30:00
nessus
nessus
OpenSSL 0.9.6 CA Basic Constraints Validation Vulnerability
2012-01-04 00:00:00
Debian DSA-155-1 : kdelibs - privacy escalation with Konqueror
2004-09-29 00:00:00
Mandrake Linux Security Advisory : kdelibs (MDKSA-2002:058)
2004-07-31 00:00:00
ubuntucve
ubuntucve
CVE-2009-0653
2009-02-20 00:00:00
openvas
openvas
Debian Security Advisory DSA 155-1 (kdelibs)
2008-01-17 00:00:00
Debian Security Advisory DSA 155-1 (kdelibs)
2008-01-17 00:00:00
OpenSSL CA Certificate Security Bypass Vulnerability
2009-03-02 00:00:00
osv
osv
kdelibs - privacy escalation with Konqueror
2002-08-17 00:00:00
redhat
redhat
(RHSA-2003:003) kdelibs security update
2003-02-17 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.9
Confidence
Low
EPSS
0.011
Percentile
85.0%
Related for RH:CVE-2009-0653