Lucene search

K
cvelistRedhatCVELIST:CVE-2009-0025
HistoryJan 07, 2009 - 5:00 p.m.

CVE-2009-0025

2009-01-0717:00:00
redhat
www.cve.org

7.2 High

AI Score

Confidence

High

0.019 Low

EPSS

Percentile

88.4%

BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

References