OpenSSL 0.9.6 doesn't verify Basic Constraints for intermediate CA-signed certificates, allowing spoofing of trusted sites via man-in-the-middle attack
Reporter | Title | Published | Views | Family All 20 |
---|---|---|---|---|
NVD | CVE-2009-0653 | 20 Feb 200919:30 | – | nvd |
NVD | CVE-2002-0970 | 24 Sep 200204:00 | – | nvd |
Debian CVE | CVE-2009-0653 | 20 Feb 200919:30 | – | debiancve |
Cvelist | CVE-2009-0653 | 20 Feb 200919:00 | – | cvelist |
Cvelist | CVE-2002-0970 | 1 Sep 200404:00 | – | cvelist |
CVE | CVE-2009-0653 | 20 Feb 200919:30 | – | cve |
CVE | CVE-2002-0970 | 1 Sep 200404:00 | – | cve |
Prion | Sql injection | 20 Feb 200919:30 | – | prion |
RedhatCVE | CVE-2009-0653 | 30 Oct 201510:27 | – | redhatcve |
Tenable Nessus | OpenSSL 0.9.6 CA Basic Constraints Validation Vulnerability | 4 Jan 201200:00 | – | nessus |
Source | Link |
---|---|
cve | www.cve.org/CVERecord |
nvd | www.nvd.nist.gov/vuln/detail/CVE-2009-0653 |
launchpad | www.launchpad.net/bugs/cve/CVE-2009-0653 |
security-tracker | www.security-tracker.debian.org/tracker/CVE-2009-0653 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo