Lucene search
+L

24 matches found

UbuntuCve
UbuntuCve
added 2009/01/07 5:30 p.m.32 views

CVE-2009-0021

NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly check the return value from the OpenSSL EVPVerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to...

5CVSS5.9AI score0.03218EPSS
Exploits0References3
Cvelist
Cvelist
added 2009/01/07 5:0 p.m.30 views

CVE-2009-0021

NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly check the return value from the OpenSSL EVPVerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to...

7.2AI score0.03218EPSS
Exploits0References19
CVE
CVE
added 2009/01/07 5:0 p.m.149 views

CVE-2008-5077

OpenSSL 0.9.8i and earlier are affected: EVP_VerifyFinal return value is not checked, allowing remote attackers to bypass certificate-chain validation for signatures using DSA/ECDSA. The CVE entry is documented with this OpenSSL defect; multiple advisories note this is a similar issue to CVE-2009...

5.8CVSS7AI score0.05146EPSS
Exploits1References43Affected Software1
Cvelist
Cvelist
added 2009/01/07 5:0 p.m.28 views

CVE-2008-5077

OpenSSL 0.9.8i and earlier does not properly check the return value from the EVPVerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys...

7.2AI score0.05146EPSS
Exploits1References43
Rows per page
Query Builder