Lucene search
VMwareVMSA-2009-0004HistoryMar 31, 2009 - 12:00 a.m.
ESX Service Console updates for openssl, bind, and vim
2009-03-3100:00:00
www.vmware.com
34
0.175 Low
EPSS
Percentile
95.6%
a. Updated OpenSSL package for the Service Console fixes a security issue.
OpenSSL 0.9.7a-33.24 and earlier does not properly check the return value from the EVP_VerifyFinal function, which could allow a remote attacker to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2008-5077 to this issue.
The following table lists what action remediates the vulnerability (column 4) if a solution is available.
Related
vmware
vmware
ESX Service Console updates for openssl, bind, and vim
2009-03-31 00:00:00
nessus
nessus
VMware ESX Multiple Vulnerabilities (VMSA-2009-0004) (remote check)
2016-03-03 00:00:00
Oracle Linux 3 / 4 : vim (ELSA-2008-0617)
2013-07-12 00:00:00
RHEL 3 / 4 : vim (RHSA-2008:0617)
2008-11-25 00:00:00
openvas
openvas
CentOS Update for vim-common CESA-2008:0617 centos3 i386
2009-02-27 00:00:00
CentOS Update for vim-common CESA-2008:0617 centos4 x86_64
2009-02-27 00:00:00
CentOS Update for vim-common CESA-2008:0617 centos3 x86_64
2009-02-27 00:00:00
centos
centos
vim security update
2008-11-25 16:56:47
vim security update
2008-11-25 23:40:39
vim security update
2008-11-26 22:22:41
redhat
redhat
(RHSA-2008:0617) Moderate: vim security update
2008-11-25 00:00:00
(RHSA-2008:0618) Moderate: vim security update
2008-11-25 00:00:00
(RHSA-2008:0580) Moderate: vim security update
2008-11-25 00:00:00
oraclelinux
oraclelinux
vim security update
2008-11-25 00:00:00
vim security update
2008-11-25 00:00:00
bind security update
2009-01-08 00:00:00
debian
debian
[Backports-security-announce] Security Update for vim
2008-11-29 10:05:12
[Backports-security-announce] Security Update for vim
2008-11-29 10:05:18
[SECURITY] [DSA 1703-1] New bind9 packages fix cryptographic weakness
2009-01-12 21:27:18
ubuntucve
ubuntucve
debiancve
debiancve
ubuntu
ubuntu
Vim vulnerabilities
2009-01-27 00:00:00
Bind vulnerability
2009-01-09 00:00:00
vim vulnerability
2007-08-28 00:00:00
cve
cve
prion
prion
Code injection
2008-09-18 17:59:00
Input validation
2009-01-07 17:30:00
Input validation
2009-01-26 15:30:00
f5
f5
SOL11503 - BIND 9 vulnerability CVE-2009-0265
2010-05-10 00:00:00
K9762 : OpenSSL vulnerability - CVE-2008-5077
2014-05-30 00:00:00
SOL9762 - OpenSSL vulnerability - CVE-2008-5077
2009-03-03 00:00:00
securityvulns
securityvulns
[oCERT-2008-016] Multiple OpenSSL signature verification API misuses
2009-01-09 00:00:00
vim multiple security vulnerabilities
2008-08-25 00:00:00
Vim: Unfixed Vulnerabilities in Tar Plugin Version 20
2008-08-08 00:00:00
osv
osv
vim - multiple vulnerabilities
2009-03-03 00:00:00
veracode
veracode
DSA Certificate Validation Bypass
2020-04-10 00:34:40
Arbitrary Code Execution
2020-04-10 00:25:49
Arbitrary Code Execution
2020-04-10 00:25:49
seebug
seebug
Vim HelpTags命令远程格式串处理漏洞
2007-08-01 00:00:00
freebsd
freebsd
vim -- Vim Shell Command Injection Vulnerabilities
2008-06-16 00:00:00
vim -- Command Format String Vulnerability
2007-07-27 00:00:00
vim6 -- heap-based overflow while parsing shell metacharacters
2008-07-31 00:00:00
suse
suse
information disclosure in bind
2009-01-22 12:03:42
fedora
fedora
[SECURITY] Fedora 10 Update: bind-9.5.1-1.P1.fc10
2009-01-15 02:59:44
[SECURITY] Fedora 9 Update: tqsllib-2.0-5.fc9
2009-01-15 03:07:29
freebsd_advisory
freebsd_advisory
FreeBSD-SA-09:04.bind
2009-01-13 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package openssl10 version 0.9.8j-alt1
2009-01-08 00:00:00