CVE-2009-3767

{"id": "CVE-2009-3767", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-10-23T19:30:00.250", "references": [{"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036138.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=oss-security&m=125198917018936&w=2", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=oss-security&m=125369675820512&w=2", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/38769", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/40677", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://security.gentoo.org/glsa/glsa-201406-36.xml", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://support.apple.com/kb/HT3937", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://www.openldap.org/devel/cvsweb.cgi/libraries/libldap/tls_o.c.diff?r1=1.8&r2=1.11&f=h", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0543.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2009/3056", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2010/1858", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11178", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7274", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-295"}]}], "descriptions": [{"lang": "en", "value": "libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408."}, {"lang": "es", "value": "libraries/libldap/tls_o.c en OpenLDAP, cuando se usa OpenSSL, no maneja de forma adecuada el caracter '\\0' en un nombre de dominio, dentro del campo sujeto del Common Name (CN) en los certificados X.509, lo\r\nque permite a atacantes man-in-the-middle, esp\u00edar servidores SSL de su elecci\u00f3n a trav\u00e9s de certificados manipulados concedidos por Autoridades Certificadoras, esta relacionado con CVE-2009-2408.\r\n"}], "lastModified": "2020-10-14T17:13:00.343", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openldap:openldap:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1479E6E9-32C0-437A-97D0-896D354BCF46", "versionEndExcluding": "2.4.18"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DDA1CA86-1405-4C25-9BC2-5A5E6A76B911"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8333C974-DF5B-4098-A766-EB8D875817F5", "versionEndExcluding": "10.6.2"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3BB5EDB-520B-4DEF-B06E-65CA13152824"}], "operator": "OR"}]}], "vendorComments": [{"comment": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-3767\n\nThis issue was addressed in the openldap packages as shipped with Red Hat Enterprise Linux 5 and 4 via: https://rhn.redhat.com/errata/RHSA-2010-0198.html and https://rhn.redhat.com/errata/RHSA-2010-0543.html respectively.\n\nThe Red Hat Security Response Team has rated this issue as having moderate security impact, a future openldap update may address this flaw in Red Hat Enterprise Linux 3.", "lastModified": "2010-07-20T00:00:00", "organization": "Red Hat"}, {"comment": "OpenLDAP reported this issue and published a patch for it on 2009-07-30. The patch was included in OpenLDAP 2.4.18 which was released on 2009-09-06. The current release of OpenLDAP is available from the following location:\n\nhttp://www.openldap.org/software/download/", "lastModified": "2009-10-30T00:00:00", "organization": "OpenLDAP"}], "sourceIdentifier": "cve@mitre.org"}