Published: 23/10/2009 Updated: 14/10/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle malicious users to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openldap openldap
apple mac os x
fedoraproject fedora 11

Debian Bug report logs - #553432 CVE-2009-3767: Doesn't properly handle NULL character in subject Common Name Package: openldap; Maintainer for openldap is Debian OpenLDAP Maintainers <pkg-openldap-devel@listsaliothdebianorg>; Reported by: Giuseppe Iuculano <iuculano@debianorg> Date: Sat, 31 Oct 2009 10:00:01 UTC ...

It was discovered that OpenLDAP did not correctly handle SSL certificates with zero bytes in the Common Name A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications ...

Synopsis Moderate: openldap security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated openldap packages that fix one security issue and several bugs arenow available for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as having moderatesecurity i ...

Synopsis Moderate: openldap security update Type/Severity Security Advisory: Moderate Topic Updated openldap packages that fix two security issues are now availablefor Red Hat Enterprise Linux 4The Red Hat Security Response Team has rated this update as having moderatesecurity impact Common Vulnerability ...

It was discovered that OpenLDAP, a free implementation of the Lightweight Directory Access Protocol, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issue ...

CWE-295 http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html http://marc.info/?l=oss-security&m=125198917018936&w=2 http://marc.info/?l=oss-security&m=125369675820512&w=2 http://www.openldap.org/devel/cvsweb.cgi/libraries/libldap/tls_o.c.diff?r1=1.8&r2=1.11&f=h http://www.vupen.com/english/advisories/2009/3056 http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html http://support.apple.com/kb/HT3937 http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036138.html http://secunia.com/advisories/38769 http://secunia.com/advisories/40677 http://www.vupen.com/english/advisories/2010/1858 http://www.redhat.com/support/errata/RHSA-2010-0543.html http://www.redhat.com/support/errata/RHSA-2011-0896.html http://security.gentoo.org/glsa/glsa-201406-36.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7274 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11178 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=553432 https://usn.ubuntu.com/858-1/https://nvd.nist.gov

CVE-2009-3767

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect