Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » SUSE-2009:6549

Overview

Id SUSE-2009:6549
Name Novell SUSE 2009:6549 neon security update for SLE 10 SP3 i586
Vendor Name novell
Product None
Content Type Critical - 01 Critical - 01
Language(s)
Operating System(s) Linux 
Released On 12 Oct 2009 12:00:00

SUSE-2009:6549

Novell SUSE 2009:6549 neon security update for SLE 10 SP3 i586

Vendor Name

novell

Product

None

Released On

12 Oct 2009 12:00:00

Url

http://www.novell.com/support/search.do?usemicrosite=true&searchString=9c400659d0ad61b54865449b76c3d803

Description

LSAC(v2)
neon did not properly handle embedded NUL characters in X.509 certificates when comparing host names. Attackers could exploit that to spoof SSL servers (CVE-2009-2408). Specially crafted XML documents that contain a large number of nested entity references could cause neon to consume large amounts of CPU and memory (CVE-2009-2473).

Related Resources

Related Vulnerabilities

CVE-2009-2408   CVE-2009-2473  

Related Patches

None

Superseded Patches

None


Last Updated: 27 May 2016 11:23:12