CVE-2009-0129

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2009-0129

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2009-0129.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2009-0129

Downstream

DEBIAN-CVE-2009-0129

Published

2009-01-15T17:30:00Z

Modified

2025-08-09T19:01:29Z

Summary

[none]

Details

libcrypt-openssl-dsa-perl does not properly check the return value from the OpenSSL DSAverify and DSAdo_verify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511519
http://openwall.com/lists/oss-security/2009/01/12/4

CVE-2009-0129

Affected packages