Published: 15/12/2009 Updated: 10/10/2018

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

VMScore: 518

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P

PostgreSQL 7.4.x prior to 7.4.27, 8.0.x prior to 8.0.23, 8.1.x prior to 8.1.19, 8.2.x prior to 8.2.15, 8.3.x prior to 8.3.9, and 8.4.x prior to 8.4.2 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle malicious users to spoof arbitrary SSL-based PostgreSQL servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote malicious users to bypass intended client-hostname restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.

Vulnerable Product	Search on Vulmon	Subscribe to Product
postgresql postgresql 7.4.3
postgresql postgresql 7.4.2
postgresql postgresql 7.4.18
postgresql postgresql 7.4.1
postgresql postgresql 7.4.16
postgresql postgresql 7.4.17
postgresql postgresql 7.4.26
postgresql postgresql 8.0.11
postgresql postgresql 8.0.20
postgresql postgresql 8.0.4
postgresql postgresql 8.0.3
postgresql postgresql 8.0.17
postgresql postgresql 8.0.18
postgresql postgresql 8.1.7
postgresql postgresql 8.1.16
postgresql postgresql 8.1.10
postgresql postgresql 8.1.6
postgresql postgresql 8.1.9
postgresql postgresql 8.1.18
postgresql postgresql 8.2.3
postgresql postgresql 8.2.7
postgresql postgresql 8.2.6
postgresql postgresql 8.3.6
postgresql postgresql 8.3.7
postgresql postgresql 7.4.6
postgresql postgresql 7.4.24
postgresql postgresql 7.4.12
postgresql postgresql 7.4.13
postgresql postgresql 7.4.25
postgresql postgresql 7.4.19
postgresql postgresql 8.0.14
postgresql postgresql 8.0.1
postgresql postgresql 8.0.5
postgresql postgresql 8.0.6
postgresql postgresql 8.0.15
postgresql postgresql 8.0.21
postgresql postgresql 8.1.4
postgresql postgresql 8.1.5
postgresql postgresql 8.1.12
postgresql postgresql 8.1.14
postgresql postgresql 8.2.12
postgresql postgresql 8.2.5
postgresql postgresql 8.2.8
postgresql postgresql 8.2.13
postgresql postgresql 8.3.1
postgresql postgresql 8.3.4
postgresql postgresql 7.4.5
postgresql postgresql 7.4.4
postgresql postgresql 7.4.7
postgresql postgresql 7.4.10
postgresql postgresql 7.4.11
postgresql postgresql 7.4.22
postgresql postgresql 7.4.23
postgresql postgresql 8.0.0
postgresql postgresql 8.0.10
postgresql postgresql 8.0.7
postgresql postgresql 8.0.8
postgresql postgresql 8.0.19
postgresql postgresql 8.0.12
postgresql postgresql 8.1.0
postgresql postgresql 8.1.1
postgresql postgresql 8.1.11
postgresql postgresql 8.1.13
postgresql postgresql 8.2.2
postgresql postgresql 8.2.14
postgresql postgresql 8.2.11
postgresql postgresql 8.2.9
postgresql postgresql 8.3.5
postgresql postgresql 8.3.2
postgresql postgresql 7.4.9
postgresql postgresql 7.4.8
postgresql postgresql 7.4.14
postgresql postgresql 7.4.15
postgresql postgresql 7.4.20
postgresql postgresql 7.4.21
postgresql postgresql 8.0.2
postgresql postgresql 8.0.13
postgresql postgresql 8.0.9
postgresql postgresql 8.0.16
postgresql postgresql 8.0.22
postgresql postgresql 8.1.8
postgresql postgresql 8.1.2
postgresql postgresql 8.1.3
postgresql postgresql 8.1.15
postgresql postgresql 8.1.17
postgresql postgresql 8.2.4
postgresql postgresql 8.2
postgresql postgresql 8.2.1
postgresql postgresql 8.2.10
postgresql postgresql 8.3.8
postgresql postgresql 8.3.3
postgresql postgresql 8.4.1

It was discovered that PostgreSQL did not properly handle certificates with NULL characters in the Common Name field of X509 certificates An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications (CVE-2009-4034) ...

Several vulnerabilities have been discovered in PostgreSQL, a database server The Common Vulnerabilities and Exposures project identifies the following problems: It was discovered that PostgreSQL did not properly verify the Common Name attribute in X509 certificates, enabling attackers to bypass the (optional) TLS protection on client-server conn ...

CWE-310 http://www.postgresql.org/docs/current/static/release-8-3-9.html http://www.postgresql.org/docs/current/static/release-7-4-27.html http://www.postgresql.org/docs/current/static/release-8-2-15.html http://www.postgresql.org/support/security.html http://www.postgresql.org/docs/current/static/release-8-4-2.html http://www.postgresql.org/docs/current/static/release-8-0-23.html http://www.postgresql.org/docs/current/static/release-8-1-19.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:333 http://secunia.com/advisories/37663 http://osvdb.org/61038 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01035.html https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01056.html http://www.securityfocus.com/bid/37334 http://www.securitytracker.com/id?1023325 http://www.vupen.com/english/advisories/2009/3519 http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00007.html http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0012 http://marc.info/?l=bugtraq&m=134124585221119&w=2 http://www.securityfocus.com/archive/1/509917/100/0/threaded https://usn.ubuntu.com/876-1/https://nvd.nist.gov

Get Started

CVE-2009-4034

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect