15 matches found
OpenSSL: Incorrect Error Checking During CMS Verification (20090325) - Windows
OpenSSL is prone to incorrect error checking during CMS verification. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
SOL15369 - OpenSSL vulnerability CVE-2009-0591
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
OpenSSL < 0.9.8k Signature Repudiation
According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.8k. As such, it may allow a valid sign to generate invalid signatures which would appear valid and could be repudiated later. This only affects CMS users. CMS appeared in OpenSSL 0.9.8h. C Tenable...
Mac OS X Multiple Vulnerabilities (Security Update 2009-005)
The remote host is running a version of Mac OS X 10.5 or 10.4 that does not have Security Update 2009-005 applied. This security update contains fixes for the following products : - Alias Manager - CarbonCore - ClamAV - ColorSync - CoreGraphics - CUPS - Flash Player plug-in - ImageIO - Launch...
openSUSE Security Update : libopenssl-devel (libopenssl-devel-786)
This update of openssl fixes the following problems : - CVE-2009-0590: ASN1STRINGprintex function allows remote denial of service - CVE-2009-0591: CMSverify function allows signatures to look valid - CVE-2009-0789: denial of service due to malformed ASN.1 structures %NASLMINLEVEL 70300 C Tenable...
HP-UX Update for OpenSSL HPSBUX02435
Check for the Version of OpenSSL OpenVAS Vulnerability Test HP-UX Update for OpenSSL HPSBUX02435 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
openssl
New openssl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, and -current to fix security issues. More details about the issues may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2009-0789 https://vulners.com/cve/CVE-2009-0591...
OpenSSL Multiple Vulnerabilities (Windows)
This host is installed with OpenSSL and is prone to Multiple Vulnerabilities. OpenVAS Vulnerability Test $Id: gbopensslmultvulnwin.nasl 8193 2017-12-20 10:46:55Z cfischer $ OpenSSL Multiple Vulnerabilities Windows Authors: Sujit Ghosal Copyright: Copyright c 2009 Greenbone Networks GmbH,...
OpenSSL Multiple Vulnerabilities (Mar 2009) - Windows
OpenSSL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl"; ifdescription...
CVE-2009-0591
The CMSverify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly handle errors associated with malformed signed attributes, which allows remote attackers to repudiate a signature that originally appeared to be valid but was actually invalid...
CVE-2009-0591
The CVE-2009-0591 entry concerns OpenSSL CMS_verify behavior. Affected software: OpenSSL 0.9.8h–0.9.8j when CMS is enabled. Root cause: CMS verification path does not correctly handle errors related to malformed signed attributes. Impact: remote attackers can repudiate a signature that appeared v...
Security fix for the ALT Linux 6 package openssl10 version 0.9.8k-alt1
March 25, 2009 Evgeny Sinelnikov 0.9.8k-alt1 - Updated to new 0.9.8k includes security fixes and improvements - Includes CVE-2009-0789, CVE-2009-0591, CVE-2009-0590...
Security fix for the ALT Linux 9 package openssl1.1 version 0.9.8k-alt1
March 25, 2009 Evgeny Sinelnikov 0.9.8k-alt1 - Updated to new 0.9.8k includes security fixes and improvements - Includes CVE-2009-0789, CVE-2009-0591, CVE-2009-0590...
Security fix for the ALT Linux 8 package openssl10 version 0.9.8k-alt1
March 25, 2009 Evgeny Sinelnikov 0.9.8k-alt1 - Updated to new 0.9.8k includes security fixes and improvements - Includes CVE-2009-0789, CVE-2009-0591, CVE-2009-0590...
Vulnerability in OpenSSL CVE-2009-0591
The function CMSverify does not correctly handle an error condition involving malformed signed attributes. This will cause an invalid set of signed attributes to appear valid and content digests will not be checked. Found by Ivan Nestlerode, IBM...