CVE-2009-0128

2009-01-15T12:30:00
ID CVE-2009-0128
Type cve
Reporter NVD
Modified 2009-01-16T00:00:00

Description

plugins/crypto/openssl/crypto_openssl.c in Simple Linux Utility for Resource Management (aka SLURM or slurm-llnl) does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.