Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 5.0
CVE Id: CVE-2009-0025
Last Modified: 16 Mar 2015 09:59:28
Published: 07 Jan 2009 12:30:00
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE

CVE-2009-0025

Summary

BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

Vulnerable Systems

Application

  • Isc Bind

  • Isc Bind 4

  • Isc Bind 4.9

  • Isc Bind 4.9.10

  • Isc Bind 4.9.2

  • Isc Bind 4.9.3

  • Isc Bind 4.9.4

  • Isc Bind 4.9.5

  • Isc Bind 4.9.6

  • Isc Bind 4.9.7

  • Isc Bind 4.9.8

  • Isc Bind 4.9.9

  • Isc Bind 8

  • Isc Bind 8.1

  • Isc Bind 8.1.1

  • Isc Bind 8.1.2

  • Isc Bind 8.2

  • Isc Bind 8.2.1

  • Isc Bind 8.2.2

  • Isc Bind 8.2.3

  • Isc Bind 8.2.3 T1a

  • Isc Bind 8.2.3 T9b

  • Isc Bind 8.2.4

  • Isc Bind 8.2.5

  • Isc Bind 8.2.6

  • Isc Bind 8.2.7

  • Isc Bind 8.3.0

  • Isc Bind 8.3.1

  • Isc Bind 8.3.2

  • Isc Bind 8.3.3

  • Isc Bind 8.3.4

  • Isc Bind 8.3.5

  • Isc Bind 8.3.6

  • Isc Bind 8.4

  • Isc Bind 8.4.1

  • Isc Bind 8.4.4

  • Isc Bind 8.4.5

  • Isc Bind 8.4.7

  • Isc Bind 9.0

  • Isc Bind 9.0.1

  • Isc Bind 9.1

  • Isc Bind 9.1.1

  • Isc Bind 9.1.2

  • Isc Bind 9.1.3

  • Isc Bind 9.2

  • Isc Bind 9.2.0

  • Isc Bind 9.2.1

  • Isc Bind 9.2.2

  • Isc Bind 9.2.3

  • Isc Bind 9.2.4

  • Isc Bind 9.2.5

  • Isc Bind 9.2.6

  • Isc Bind 9.2.7

  • Isc Bind 9.2.9

  • Isc Bind 9.3

  • Isc Bind 9.3.0

  • Isc Bind 9.3.1

  • Isc Bind 9.3.2

  • Isc Bind 9.3.3

  • Isc Bind 9.3.5-p2-w1

  • Isc Bind 9.4

  • Isc Bind 9.4.0

  • Isc Bind 9.4.0a1

  • Isc Bind 9.4.0a2

  • Isc Bind 9.4.0a3

  • Isc Bind 9.4.0a4

  • Isc Bind 9.4.0a5

  • Isc Bind 9.4.0a6

  • Isc Bind 9.4.0b1

  • Isc Bind 9.4.0b2

  • Isc Bind 9.4.0b3

  • Isc Bind 9.4.0b4

  • Isc Bind 9.4.1

  • Isc Bind 9.4.2

  • Isc Bind 9.4.3


References

CERT - TA09-133A

FEDORA - FEDORA-2009-0350

CONFIRM - https://www.isc.org/software/bind/advisories/cve-2009-0025

CONFIRM - https://issues.rpath.com/browse/RPL-2938

VUPEN - ADV-2009-1297

VUPEN - ADV-2009-0904

VUPEN - ADV-2009-0366

VUPEN - ADV-2009-0043

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2009-0004.html

BUGTRAQ - 20090401 VMSA-2009-0004 ESX Service Console updates for openssl, bind, and vim

BUGTRAQ - 20090120 rPSA-2009-0009-1 bind bind-utils

CONFIRM - http://www.openbsd.org/errata44.html#008_bind

MISC - http://www.ocert.org/advisories/ocert-2008-016.html

CONFIRM - http://wiki.rpath.com/Advisories:rPSA-2009-0009

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2009-045.htm

CONFIRM - http://support.apple.com/kb/HT3549

SUNALERT - 250846

SLACKWARE - SSA:2009-014-02

FREEBSD - FreeBSD-SA-09:04

SECUNIA - 35074

SECUNIA - 33882

SECUNIA - 33683

SECUNIA - 33559

SECUNIA - 33551

SECUNIA - 33546

SECUNIA - 33494

APPLE - APPLE-SA-2009-05-12

MISC - http://groups.google.com/group/comp.protocols.dns.bind/browse_thread/thread/49ef622c8329fd33

BID - 33151

BUGTRAQ - 20090107 [oCERT-2008-016] Multiple OpenSSL signature verification API misuses

HP - SSRT101004

Related Patches

Apple 2009-05-12 Security Update 2009-002 Server (Tiger PPC)

Apple 2009-05-12 Security Update 2009-002 (Tiger PPC)

Apple 2009-05-12 Mac OS X 10.5.7 Combo Update

Apple 2009-05-12 Mac OS X Server 10.5.7 Update

Apple 2009-05-12 Mac OS X 10.5.7 Update

Apple 2009-05-12 Security Update 2009-002 (Tiger Intel)

Apple 2009-05-12 Mac OS X Server 10.5.7 Combo Update


Last Updated: 27 May 2016 10:49:48