Lucene search
NginxNGINX:CVE-2009-3555HistoryNov 09, 2009 - 5:30 p.m.
The renegotiation vulnerability in SSL protocol
2009-11-0917:30:00
cve.mitre.org
174
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
0.002 Low
EPSS
Percentile
64.3%
The renegotiation vulnerability in SSL protocol
Severity: major
CVE-2009-3555
Not vulnerable: 0.8.23+, 0.7.64+
Vulnerable: 0.1.0-0.8.22
References
Related
openvas
openvas
RedHat Update for nss RHSA-2010:0165-01
2010-03-31 00:00:00
Mandriva Update for mandriva-release MDVA-2010:069 (mandriva-release)
2010-02-19 00:00:00
Microsoft Windows TLS/SSL Spoofing Vulnerability (977377)
2010-02-11 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: nss-util-3.12.5-1.fc12.1
2009-12-10 04:13:15
[SECURITY] Fedora 12 Update: nss-3.12.6-1.2.fc12
2010-03-12 04:18:37
[SECURITY] Fedora 12 Update: gnutls-2.8.6-2.fc12
2010-06-25 18:15:19
nessus
nessus
SuSE9 Security Update : IBM Java 1.4.2 (YOU Patch Number 12621)
2010-06-11 00:00:00
openSUSE Security Update : compat-openssl097g (compat-openssl097g-1548)
2009-11-18 00:00:00
openSUSE Security Update : libopenssl-devel (libopenssl-devel-1554)
2009-11-19 00:00:00
securityvulns
securityvulns
[ MDVSA-2009:337 ] proftpd
2009-12-22 00:00:00
[ MDVSA-2009:295 ] apache
2009-11-09 00:00:00
SSL data injection
2010-02-10 00:00:00
veracode
veracode
Man-in-the-Middle (MitM)
2020-04-10 00:36:56
fortinet
fortinet
FortiOS SSL Deep-Inspection possible Insecure Renegotiation
2017-11-03 00:00:00
debian
debian
[SECURITY] [DSA-2141-2] New nss packages fix protocol design flaw
2011-01-05 23:20:31
[SECURITY] [DSA-2141-4] New lighttpd packages fix regression
2011-01-12 18:51:18
ubuntu
ubuntu
nss vulnerability
2010-06-29 00:00:00
NSS vulnerability
2010-07-23 00:00:00
Apache vulnerability
2010-09-21 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package openssl10 version 0.9.8l-alt1
2009-11-07 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 0.9.8l-alt1
2009-11-07 00:00:00
Security fix for the ALT Linux 9 package openssl10 version 0.9.8l-alt1
2009-11-07 00:00:00
redhat
redhat
(RHSA-2010:0164) Moderate: openssl097a security update
2010-03-25 00:00:00
(RHSA-2010:0155) Moderate: java-1.4.2-ibm security and bug fix update
2010-03-17 00:00:00
(RHSA-2010:0165) Moderate: nss security update
2010-03-25 00:00:00
seebug
seebug
ProFTPD TLS会话重协商明文数据注入漏洞
2009-12-15 00:00:00
TLS Renegotiation Vulnerability PoC Exploit
2009-12-21 00:00:00
suse
suse
man-in-the-middle attack in openssl
2009-11-18 09:50:39
cve
cve
CVE-2009-3555
2009-11-09 17:30:00
hackerone
hackerone
LocalTapiola: Secure Client-Initiated Renegotiation
2017-12-27 15:57:52
Slack: TLS1/SSLv3 Renegotiation Vulnerability
2014-04-02 13:01:00
mozilla
mozilla
Update NSS to support TLS renegotiation indication — Mozilla
2010-03-30 00:00:00
slackware
slackware
openssl
2009-11-16 13:42:36
oraclelinux
oraclelinux
openssl097a security update
2010-03-25 00:00:00
nss security update
2010-03-25 00:00:00
cisco
cisco
Transport Layer Security Renegotiation Vulnerability
2009-11-09 13:00:00
centos
centos
openssl097a security update
2010-03-27 17:44:36
nspr, nss security update
2010-03-28 15:36:50
checkpoint_advisories
checkpoint_advisories
Preemptive Protection against TLS and SSL Spoofing Vulnerability
2010-02-09 00:00:00
TLS Client Initiated Renegotiation (CVE-2009-3555)
2009-11-23 00:00:00
TLS Renegotiation (CVE-2009-3555)
2009-11-22 00:00:00
github
github
Apache Tomcat affected by vulnerability in TLS and SSL protocol
2022-05-02 03:46:22
ibm
ibm
prion
prion
Cross site request forgery (csrf)
2009-11-09 17:30:00
packetstorm
packetstorm
TLS Renegotiation Exploit
2009-12-21 00:00:00
exploitpack
exploitpack
TLS - Renegotiation
2009-12-21 00:00:00
f5
f5
SOL10737 - SSL Renegotiation vulnerability - CVE-2009-3555 / VU#120541
2009-11-05 00:00:00
K10737 : SSL Renegotiation vulnerability - CVE-2009-3555 / VU#120541
2013-07-05 00:00:00
cert
cert
SSL and TLS protocols renegotiation vulnerability
2009-11-11 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2009-3555
2009-11-05 00:00:00
osv
osv
Apache Tomcat affected by vulnerability in TLS and SSL protocol
2022-05-02 03:46:22
debiancve
debiancve
CVE-2009-3555
2009-11-09 17:30:00
ubuntucve
ubuntucve
CVE-2009-3555
2009-11-09 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-09:15.ssl
2009-12-03 00:00:00
exploitdb
exploitdb
TLS - Renegotiation
2009-12-21 00:00:00
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
0.002 Low
EPSS
Percentile
64.3%
Related for NGINX:CVE-2009-3555