CVE-2009-0653

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2009-0653

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2009-0653.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2009-0653

Downstream

DEBIAN-CVE-2009-0653

Published

2009-02-20T19:30:00Z

Modified

2026-04-10T03:40:37.233161Z

Summary

[none]

Details

OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack, a related issue to CVE-2002-0970.

References

https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf
http://www.blackhat.com/html/bh-dc-09/bh-dc-09-speakers.html#Marlinspike

CVE-2009-0653

Affected packages