Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2009-0591HistoryMar 27, 2009 - 4:30 p.m.
CVE-2009-0591
2009-03-2716:30:00
Debian Security Bug Tracker
security-tracker.debian.org
9
0.008 Low
EPSS
Percentile
81.4%
The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly handle errors associated with malformed signed attributes, which allows remote attackers to repudiate a signature that originally appeared to be valid but was actually invalid.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | openssl | < 3.0.11-1~deb12u2 | openssl_3.0.11-1~deb12u2_all.deb |
| Debian | 11 | all | openssl | < 1.1.1w-0+deb11u1 | openssl_1.1.1w-0+deb11u1_all.deb |
| Debian | 10 | all | openssl | < 1.1.1n-0+deb10u3 | openssl_1.1.1n-0+deb10u3_all.deb |
| Debian | 999 | all | openssl | < 3.2.1-3 | openssl_3.2.1-3_all.deb |
| Debian | 13 | all | openssl | < 3.2.1-3 | openssl_3.2.1-3_all.deb |
Related
prion
prion
Design/Logic Flaw
2009-03-27 16:30:00
ubuntucve
ubuntucve
CVE-2009-0591
2009-03-27 00:00:00
f5
f5
K15369 : OpenSSL vulnerability CVE-2009-0591
2014-06-23 00:00:00
SOL15369 - OpenSSL vulnerability CVE-2009-0591
2014-06-23 00:00:00
nessus
nessus
OpenSSL < 0.9.8k Signature Repudiation
2012-01-04 00:00:00
Slackware 11.0 / 12.0 / 12.1 / 12.2 / current : openssl (SSA:2009-098-01)
2009-04-08 00:00:00
openSUSE Security Update : libopenssl-devel (libopenssl-devel-786)
2009-07-21 00:00:00
cvelist
cvelist
CVE-2009-0591
2009-03-27 16:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2009-0591
2009-03-25 00:00:00
openvas
openvas
OpenSSL: Incorrect Error Checking During CMS Verification (20090325) - Linux
2021-08-13 00:00:00
HP-UX Update for OpenSSL HPSBUX02435
2009-07-17 00:00:00
cve
cve
CVE-2009-0591
2009-03-27 16:30:00
slackware
slackware
openssl
2009-04-07 23:29:36
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl10 version 0.9.8k-alt1
2009-03-25 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 0.9.8k-alt1
2009-03-25 00:00:00
Security fix for the ALT Linux 6 package openssl10 version 0.9.8k-alt1
2009-03-25 00:00:00
threatpost
threatpost
Multiple vulnerabilities found, fixed in OpenSSL
2009-03-26 23:43:56