CVE-2009-2408

Published: 30/07/2009 Updated: 14/02/2024
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Mozilla Network Security Services (NSS) prior to 3.12.3, Firefox prior to 3.0.13, Thunderbird prior to 2.0.0.23, and SeaMonkey prior to 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox prior to 3.5.

Vulnerable Product

mozilla network security services

mozilla firefox

mozilla seamonkey

mozilla thunderbird

suse linux enterprise server 9

suse linux enterprise 11.0

suse linux enterprise 10.0

opensuse opensuse

debian debian linux 5.0

canonical ubuntu linux 9.04

canonical ubuntu linux 8.10

canonical ubuntu linux 8.04

Vendor Advisories

Synopsis: Critical: nspr and nss security and bug fix update. Type/Severity: Security Advisory: Critical. Topic: Updated nspr and nss packages that fix security issues and bugs are now available for Red Hat Enterprise Linux 4.7 Extended Update Support. This update has been rated as having critical security impact ...
Synopsis: Critical: nspr and nss security, bug fix, and enhancement update. Type/Severity: Security Advisory: Critical. Topic: Updated nspr and nss packages that fix security issues, bugs, and add an enhancement are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical securit ...
Synopsis: Critical: nspr and nss security and bug fix update. Type/Severity: Security Advisory: Critical. Topic: Updated nspr and nss packages that fix security issues and a bug are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Re ...
USN-810-1 fixed vulnerabilities in NSS. Jozsef Kadlecsik noticed that the new libraries on amd64 did not correctly set stack memory flags, and caused applications using NSS (e.g. Firefox) to have an executable stack. This reduced the effectiveness of some defensive security protections. This update fixes the problem ...
USN-810-1 fixed vulnerabilities in NSS. This update provides the NSPR needed to use the new NSS ...
Moxie Marlinspike discovered that NSS did not properly handle regular expressions in certificate names. A remote attacker could create a specially crafted certificate to cause a denial of service (via application crash) or execute arbitrary code as the user invoking the program (CVE-2009-2404) ...
Several vulnerabilities have been discovered in the Network Security Service libraries. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2404: Moxie Marlinspike discovered that a buffer overflow in the regular expression parser could lead to the execution of arbitrary code. CVE-2009-2408: Dan Kami ...
Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2408: Dan Kaminsky and Moxie Marlinspike discovered that icedove does not properly handle a '\0' character in a domain name ...
Debian Bug report logs - #553432 CVE-2009-3767: Doesn't properly handle NULL character in subject Common Name. Package: openldap; Maintainer for openldap is Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.debian.org>; Reported by: Giuseppe Iuculano <iuculano@debian.org>; Date: Sat, 31 Oct 2009 10:00:01 UTC ...
Debian Bug report logs - #546212 CVE-2009-2702: KDE KSSL NULL Character Certificate Spoofing Vulnerability. Package: kdelibs; Maintainer for kdelibs is (unknown); Reported by: Giuseppe Iuculano <giuseppe@iuculano.it>; Date: Fri, 11 Sep 2009 17:42:02 UTC; Severity: serious; Tags: security; Fixed in versions kdelibs/4:3510dfs ...
Debian Bug report logs - #549293 CVE-2009-3490: does not properly handle a '\0' character in a domain name in the Common Name field of an X.509 certificate. Package: wget; Maintainer for wget is Noël Köthe <noel@debian.org>; Source for wget is src:wget (PTS, buildd, popcon); Reported by: Giuseppe Iuculano <giuseppe@iucula ...
Debian Bug report logs - #564581 CVE-2009-4565: does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate. Package: sendmail; Maintainer for sendmail is Debian QA Group <packages@qa.debian.org>; Source for sendmail is src:sendmail (PTS, buildd, popcon); Reported by: Giuseppe Iuculano <iuc ...
Debian Bug report logs - #539934 CVE-2009-2408, CVE-2009-2404, NSS multiple vulnerabilities. Package: nss; Maintainer for nss is Maintainers of Mozilla-related packages <team+pkg-mozilla@tracker.debian.org>; Reported by: Giuseppe Iuculano <giuseppe@iuculano.it>; Date: Tue, 4 Aug 2009 15:03:02 UTC; Severity: serious; Tag ...
Debian Bug report logs - #542926 CVE-2009-2474: Improper verification of x590v3 certificate with NUL (zero) byte in certain fields. Packages: neon27, neon, neon26; Maintainer for neon27 is Laszlo Boszormenyi (GCS) <gcs@debian.org>; Maintainer for neon is (unknown); Maintainer for neon26 is (unknown); Reported by: Giuseppe Iucu ...
Debian Bug report logs - #545793 CVE-2009-2700: QSslCertificate incorrect verification of SSL certificate with NUL in subjectAltName. Package: qt4-x11; Maintainer for qt4-x11 is Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>; Reported by: Giuseppe Iuculano <giuseppe@iuculano.it>; Date: Wed, 9 Sep 2009 08:00 ...
Mozilla Foundation Security Advisory 2009-42: Compromise of SSL-protected communication. Announced: August 1, 2009. Reporter: Dan Kaminsky. Impact: Critical. Products: Firefox, NSS, SeaMonkey, Thunderbird. Fixed in ...

References

CWE-295
http://www.wired.com/threatlevel/2009/07/kaminsky/
https://bugzilla.redhat.com/show_bug.cgi?id=510251
http://osvdb.org/56723
http://www.vupen.com/english/advisories/2009/2085
http://www.ubuntu.com/usn/usn-810-1
http://www.securitytracker.com/id?1022632
http://www.mozilla.org/security/announce/2009/mfsa2009-42.html
http://secunia.com/advisories/36139
http://secunia.com/advisories/36157
http://secunia.com/advisories/36088
http://secunia.com/advisories/36125
http://www.mandriva.com/security/advisories?name=MDVSA-2009:197
http://www.redhat.com/support/errata/RHSA-2009-1207.html
http://isc.sans.org/diary.html?storyid=7003
http://www.redhat.com/support/errata/RHSA-2009-1432.html
http://www.debian.org/security/2009/dsa-1874
http://secunia.com/advisories/36434
http://www.openldap.org/devel/cvsweb.cgi/libraries/libldap/tls_m.c.diff?r1=1.8&r2=1.11&f=h
http://marc.info/?l=oss-security&m=125198917018936&w=2
http://www.vupen.com/english/advisories/2009/3184
http://www.mandriva.com/security/advisories?name=MDVSA-2009:217
http://www.mandriva.com/security/advisories?name=MDVSA-2009:216
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021030.1-1
http://secunia.com/advisories/37098
http://www.novell.com/linux/security/advisories/2009_48_firefox.html
http://secunia.com/advisories/36669
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8458
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10751
https://usn.ubuntu.com/810-2/
https://access.redhat.com/errata/RHSA-2009:1190
https://nvd.nist.gov
https://usn.ubuntu.com/810-3/