Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2008-4989
HistoryNov 13, 2008 - 12:00 a.m.

CVE-2008-4989

2008-11-1300:00:00
mitre
www.cve.org
6

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

56.2%

JSON

The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle attackers to insert a spoofed certificate for any Distinguished Name (DN).

References

Related

securityvulns 3
openvas 43
prion 1
nessus 34
seebug 1
nvd 1
cve 1
ubuntu 3
freebsd 1
oraclelinux 1
altlinux 2
debian 2
fedora 4
osv 1
slackware 1
gentoo 1
centos 1
redhat 1
ubuntucve 1
securityvulns
securityvulns
GnuTLS certificates spoofing
2008-11-14 00:00:00
[ MDVSA-2008:227 ] gnutls
2008-11-14 00:00:00
[USN-809-1] GnuTLS vulnerabilities
2009-08-20 00:00:00
openvas
openvas
SLES10: Security update for GnuTLS
2009-10-13 00:00:00
Fedora Update for gnutls FEDORA-2008-10000
2009-02-16 00:00:00
SLES10: Security update for GnuTLS
2009-10-13 00:00:00
prion
prion
Code injection
2008-11-13 01:00:00
nessus
nessus
openSUSE Security Update : gnutls (gnutls-605)
2009-07-21 00:00:00
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : gnutls12, gnutls13, gnutls26 regression (USN-678-2)
2009-04-23 00:00:00
SuSE 11 Security Update : GnuTLS (SAT Patch Number 632)
2009-09-24 00:00:00
seebug
seebug
GnuTLS X.509证书链ιͺŒθ―ζΌζ΄ž
2008-11-12 00:00:00
nvd
nvd
CVE-2008-4989
2008-11-13 01:00:01
cve
cve
CVE-2008-4989
2008-11-13 01:00:01
ubuntu
ubuntu
GnuTLS regression
2008-12-10 00:00:00
GnuTLS vulnerability
2008-11-26 00:00:00
GnuTLS vulnerabilities
2009-08-19 00:00:00
freebsd
freebsd
gnutls -- X.509 certificate chain validation vulnerability
2008-11-10 00:00:00
oraclelinux
oraclelinux
gnutls security update
2008-11-11 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package gnutls30 version 2.6.3-alt1
2008-12-21 00:00:00
Security fix for the ALT Linux 10 package gnutls30 version 2.6.3-alt1
2008-12-21 00:00:00
debian
debian
[SECURITY] [DSA 1719-1] New gnutls13 packages fix certificate validation
2009-02-10 07:00:19
[SECURITY] [DSA 1719-2] New GNUTLS packages fix regression
2009-02-28 11:44:38
fedora
fedora
[SECURITY] Fedora 8 Update: gnutls-1.6.3-5.fc8
2008-11-12 03:00:29
[SECURITY] Fedora 10 Update: gnutls-2.4.2-3.fc10
2008-11-22 16:51:32
[SECURITY] Fedora 9 Update: gnutls-2.0.4-4.fc9
2008-11-12 02:52:29
osv
osv
gnutls13 - certificate validation
2009-02-10 00:00:00
slackware
slackware
[slackware-security] gnutls
2008-11-11 03:18:27
gentoo
gentoo
GnuTLS: Certificate validation error
2009-01-14 00:00:00
centos
centos
gnutls security update
2008-11-11 21:05:18
redhat
redhat
(RHSA-2008:0982) Moderate: gnutls security update
2008-11-11 00:00:00
ubuntucve
ubuntucve
CVE-2008-4989
2008-11-12 00:00:00

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

56.2%

JSON
Related for CVELIST:CVE-2008-4989
securityvulns3openvas43prion1nessus34seebug1nvd1cve1ubuntu3freebsd1oraclelinux1altlinux2debian2fedora4osv1slackware1gentoo1centos1redhat1ubuntucve1