Vulnerability CVE-2009-2409


Published: 2009-07-30   Modified: 2012-02-13

Description:
The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large.

Type: CWE-310 (Cryptographic Issues)

Vendor: Mozilla
Product: NSS 
Version:
3.9.5
3.9
3.8
3.7.7
3.7.5
3.7.3
3.7.2
3.7.1
3.7
3.6.1
3.6
3.5
3.4.3
3.4.2
3.4.1
3.4
3.3.2
3.3.1
3.3
3.2.1
3.2
3.12.2
3.12.1
3.12
3.11.8
3.11.7
3.11.4
3.11.2
3.10
3.0
See more versions on NVD
Vendor: GNU
Product: Gnutls 
Version:
2.7.4
2.6.3
2.6.2
2.6.1
2.6.0
2.5.0
2.4.2
2.4.1
2.4.0
2.3.9
2.3.8
2.3.7
2.3.6
2.3.5
2.3.4
2.3.3
2.3.2
2.3.11
2.3.10
2.3.1
2.3.0
2.2.5
2.2.4
2.2.3
2.2.2
2.2.1
2.2.0
2.1.8
2.1.7
2.1.6
2.1.5
2.1.4
2.1.3
2.1.2
2.1.1
2.1.0
2.0.4
2.0.3
2.0.2
2.0.1
2.0.0
1.7.9
1.7.8
1.7.7
1.7.6
1.7.5
1.7.4
1.7.3
1.7.2
1.7.19
1.7.18
1.7.17
1.7.16
1.7.15
1.7.14
1.7.13
1.7.12
1.7.11
1.7.10
1.7.1
1.7.0
1.6.3
1.6.2
1.6.1
1.6.0
1.5.5
1.5.4
1.5.3
1.5.2
1.5.1
See more versions on NVD

CVSS2 => (AV:N/AC:H/Au:N/C:P/I:P/A:P)

CVSS Base Score: 5.1/10
Impact Subscore: 6.4/10
Exploitability Subscore: 4.9/10

Exploit range: Remote
Attack complexity: High
Authentication: Not required

Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

 References:
http://java.sun.com/j2se/1.5.0/ReleaseNotes.html
http://java.sun.com/javase/6/webnotes/6u17.html
http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
http://security.gentoo.org/glsa/glsa-200911-02.xml
http://security.gentoo.org/glsa/glsa-200912-01.xml
http://support.apple.com/kb/HT3937
http://www.debian.org/security/2009/dsa-1874
http://www.mandriva.com/security/advisories?name=MDVSA-2009:197
http://www.mandriva.com/security/advisories?name=MDVSA-2009:216
http://www.mandriva.com/security/advisories?name=MDVSA-2009:258
http://www.mandriva.com/security/advisories?name=MDVSA-2010:084
http://www.redhat.com/support/errata/RHSA-2009-1207.html
http://www.redhat.com/support/errata/RHSA-2009-1432.html
http://www.securityfocus.com/archive/1/515055/100/0/threaded
http://www.securitytracker.com/id?1022631
http://www.ubuntu.com/usn/usn-810-1
http://www.vmware.com/security/advisories/VMSA-2010-0019.html
http://www.vupen.com/english/advisories/2009/2085
http://www.vupen.com/english/advisories/2009/3184
http://www.vupen.com/english/advisories/2010/3126
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-2409
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10763
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6631
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7155
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8594
https://rhn.redhat.com/errata/RHSA-2010-0095.html
https://usn.ubuntu.com/810-2/
https://www.debian.org/security/2009/dsa-1888


Copyright 2019, cxsecurity.com

 
