7.5 - CVE-2009-4565

Executive Summary

Informations
Name	CVE-2009-4565	First vendor Publication	2010-01-04
Vendor	Cve	Last vendor Modification	2017-09-19

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score	7.5	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4565

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-310	Cryptographic Issues

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10255

Oval ID:	oval:org.mitre.oval:def:10255
Title:	sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Description:	sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-4565	Version:	5
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section sendmail is earlier than 0:8.13.8-8.el5 AND sendmail-doc is earlier than 0:8.13.8-8.el5 AND sendmail-cf is earlier than 0:8.13.8-8.el5 AND sendmail-devel is earlier than 0:8.13.8-8.el5

Definition Id: oval:org.mitre.oval:def:11822

Oval ID:	oval:org.mitre.oval:def:11822
Title:	HP-UX Running sendmail with STARTTLS Enabled, Remote Unauthorized Access.
Description:	sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-4565	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02508 HP Release B.11.23 AND filesets tests SMAIL-UPGRADE.INET-SMAIL version is less than B.11.23.1.007 AND SMAIL-UPGRADE.INET2-SMAIL version is less than B.11.23.1.007 OR Criteria meets HP Security Bulletin HPSBUX02508 HP Release B.11.11 AND SMAIL-UPGRADE.INETSVCS-SMAIL version is less than B.11.11.02.008 OR Criteria meets HP Security Bulletin HPSBUX02508 HP-UX B.11.31 AND filesets tests Sendmail.SENDMAIL-AUX version is less than C.8.13.3.5 AND Sendmail.SENDMAIL-RUN version is less than C.8.13.3.5

Definition Id: oval:org.mitre.oval:def:20232

Oval ID:	oval:org.mitre.oval:def:20232
Title:	DSA-1985-1 sendmail - insufficient input validation
Description:	It was discovered that sendmail, a Mail Transport Agent, does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate.
Family:	unix	Class:	patch
Reference(s):	DSA-1985-1 CVE-2009-4565	Version:	5
Platform(s):	Debian GNU/Linux 4.0 Debian GNU/Linux 5.0	Product(s):	sendmail
Definition Synopsis:
Release section Debian GNU/Linux 4.0 is installed. AND sendmail DPKG is earlier than 0:8.13.8-3+etch1 AND Release section Debian GNU/Linux 5.0 is installed AND sendmail DPKG is earlier than 0:8.14.3-5+lenny1

Definition Id: oval:org.mitre.oval:def:22058

Oval ID:	oval:org.mitre.oval:def:22058
Title:	RHSA-2010:0237: sendmail security and bug fix update (Low)
Description:	sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Family:	unix	Class:	patch
Reference(s):	RHSA-2010:0237-05 CVE-2006-7176 CVE-2009-4565	Version:	29
Platform(s):	Red Hat Enterprise Linux 5	Product(s):	sendmail
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 5 Packages section sendmail is earlier than 0:8.13.8-8.el5 AND sendmail-doc is earlier than 0:8.13.8-8.el5 AND sendmail-devel is earlier than 0:8.13.8-8.el5 AND sendmail-cf is earlier than 0:8.13.8-8.el5

Definition Id: oval:org.mitre.oval:def:23064

Oval ID:	oval:org.mitre.oval:def:23064
Title:	ELSA-2010:0237: sendmail security and bug fix update (Low)
Description:	sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Family:	unix	Class:	patch
Reference(s):	ELSA-2010:0237-05 CVE-2006-7176 CVE-2009-4565	Version:	13
Platform(s):	Oracle Linux 5	Product(s):	sendmail
Definition Synopsis:
Oracle Linux 5.x rpm test sendmail is earlier than 0:8.13.8-8.el5 AND sendmail-doc is earlier than 0:8.13.8-8.el5 AND sendmail-devel is earlier than 0:8.13.8-8.el5 AND sendmail-cf is earlier than 0:8.13.8-8.el5

Definition Id: oval:org.mitre.oval:def:27847

Oval ID:	oval:org.mitre.oval:def:27847
Title:	DEPRECATED: ELSA-2010-0237 -- sendmail security and bug fix update (low)
Description:	[8.13.8-8] - rpm attributes S,5,T not recorded for statistics file [8.13.8-7] - fix specfile for passing rpm -V test (#555277) [8.13.8-6.el5] - fix verification of SSL certificate with NUL in name (#553618, CVE-2009-4565) - do not accept localhost.localdomain as valid address from smtp (#449391) - skip colon separator when parsing service name in ServiceSwitchFile (#512871) - exit with non-zero error code when free space is low (#299951) - fix -qG description in man page (#250552) - fix comments in sendmail.mc to use correct certs path (#244012) - add MTA to provides (#494408) - fix %dist macro use (#440616) - compile with -fno-strict-aliasing - skip t-sem test as it doesn't allow parallel testing
Family:	unix	Class:	patch
Reference(s):	ELSA-2010-0237 CVE-2006-7176 CVE-2009-4565	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	sendmail
Definition Synopsis:
Oracle Linux 5.x Packages match section sendmail is earlier than 0:8.13.8-8.el5 AND sendmail-cf is earlier than 0:8.13.8-8.el5 AND sendmail-devel is earlier than 0:8.13.8-8.el5 AND sendmail-doc is earlier than 0:8.13.8-8.el5

Definition Id: oval:org.mitre.oval:def:6719

Oval ID:	oval:org.mitre.oval:def:6719
Title:	DSA-1985 sendmail -- insufficient input validation
Description:	It was discovered that sendmail, a Mail Transport Agent, does not properly handle a "\0" character in a Common Name field of an X.509 certificate. This allows an attacker to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority.
Family:	unix	Class:	patch
Reference(s):	DSA-1985 CVE-2009-4565	Version:	5
Platform(s):	Debian GNU/Linux 5.0 Debian GNU/Linux 4.0	Product(s):	sendmail
Definition Synopsis:
Release section Debian GNU/Linux 5.0 is installed AND Architecture section Architecture independent section Installed architecture is all AND Packages section sendmail-base is earlier than 8.14.3-5+lenny1 AND sendmail-cf is earlier than 8.14.3-5+lenny1 AND sendmail-doc is earlier than 8.14.3-5+lenny1 AND sendmail is earlier than 8.14.3-5+lenny1 OR Architecture dependent section Supported architectures section Installed architecture is s390 AND Installed architecture is amd64 AND Installed architecture is sparc AND Installed architecture is arm AND Installed architecture is i386 AND Installed architecture is armel AND Installed architecture is mips AND Installed architecture is ia64 AND Installed architecture is alpha AND Installed architecture is powerpc AND Installed architecture is mipsel AND Installed architecture is hppa AND Packages section rmail is earlier than 8.14.3-5+lenny1 AND sendmail-bin is earlier than 8.14.3-5+lenny1 AND libmilter-dev is earlier than 8.14.3-5+lenny1 AND sensible-mda is earlier than 8.14.3-5+lenny1 AND libmilter1.0.1 is earlier than 8.14.3-5+lenny1 AND libmilter1.0.1-dbg is earlier than 8.14.3-5+lenny1 OR Release section Debian GNU/Linux 4.0 is installed. AND Architecture section Architecture independent section Installed architecture is all AND Packages section sendmail-base is earlier than 8.13.8-3+etch1 AND sendmail-cf is earlier than 8.13.8-3+etch1 AND sendmail-doc is earlier than 8.13.8-3+etch1 AND sendmail is earlier than 8.13.8-3+etch1 OR Architecture dependent section Supported architectures section Installed architecture is s390 AND Installed architecture is amd64 AND Installed architecture is sparc AND Installed architecture is arm AND Installed architecture is i386 AND Installed architecture is ia64 AND Installed architecture is alpha AND Installed architecture is powerpc AND Installed architecture is mipsel AND Installed architecture is hppa AND Packages section rmail is earlier than 8.13.8-3+etch1 AND libmilter0 is earlier than 8.13.8-3+etch1 AND sendmail-bin is earlier than 8.13.8-3+etch1 AND libmilter0-dbg is earlier than 8.13.8-3+etch1 AND libmilter-dev is earlier than 8.13.8-3+etch1 AND sensible-mda is earlier than 8.13.8-3+etch1

CPE : Common Platform Enumeration

Type	Description	Count
Application	Sendmail cpe:2.3:a:sendmail:sendmail:8.9.3:::::::* cpe:2.3:a:sendmail:sendmail:8.9.2:::::::* cpe:2.3:a:sendmail:sendmail:8.9.1:::::::* cpe:2.3:a:sendmail:sendmail:8.9.0:::::::* cpe:2.3:a:sendmail:sendmail:8.8.8:::::::* cpe:2.3:a:sendmail:sendmail:8.7.9:::::::* cpe:2.3:a:sendmail:sendmail:8.7.8:::::::* cpe:2.3:a:sendmail:sendmail:8.7.7:::::::* cpe:2.3:a:sendmail:sendmail:8.7.6:::::::* cpe:2.3:a:sendmail:sendmail:8.7.10:::::::* cpe:2.3:a:sendmail:sendmail:8.6.7:::::::* cpe:2.3:a:sendmail:sendmail:8.14.3:::::::* cpe:2.3:a:sendmail:sendmail:8.14.2:::::::* cpe:2.3:a:sendmail:sendmail:8.14.1:::::::* cpe:2.3:a:sendmail:sendmail:8.14.0:::::::* cpe:2.3:a:sendmail:sendmail:8.13.8:::::::* cpe:2.3:a:sendmail:sendmail:8.13.7:::::::* cpe:2.3:a:sendmail:sendmail:8.13.6:::::::* cpe:2.3:a:sendmail:sendmail:8.13.5:::::::* cpe:2.3:a:sendmail:sendmail:8.13.4:::::::* cpe:2.3:a:sendmail:sendmail:8.13.3:::::::* cpe:2.3:a:sendmail:sendmail:8.13.2:::::::* cpe:2.3:a:sendmail:sendmail:8.13.1.2:::::::* cpe:2.3:a:sendmail:sendmail:8.13.1:::::::* cpe:2.3:a:sendmail:sendmail:8.13.0:::::::* cpe:2.3:a:sendmail:sendmail:8.12.9:::::::* cpe:2.3:a:sendmail:sendmail:8.12.8:::::::* cpe:2.3:a:sendmail:sendmail:8.12.7:::::::* cpe:2.3:a:sendmail:sendmail:8.12.6:::::::* cpe:2.3:a:sendmail:sendmail:8.12.5:::::::* cpe:2.3:a:sendmail:sendmail:8.12.4:::::::* cpe:2.3:a:sendmail:sendmail:8.12.3:::::::* cpe:2.3:a:sendmail:sendmail:8.12.2:::::::* cpe:2.3:a:sendmail:sendmail:8.12.11:::::::* cpe:2.3:a:sendmail:sendmail:8.12.10:::::::* cpe:2.3:a:sendmail:sendmail:8.12.1:::::::* cpe:2.3:a:sendmail:sendmail:8.12.0:::::::* cpe:2.3:a:sendmail:sendmail:8.12:beta10:::::: cpe:2.3:a:sendmail:sendmail:8.12:beta16:::::: cpe:2.3:a:sendmail:sendmail:8.12:beta12:::::: cpe:2.3:a:sendmail:sendmail:8.12:beta5:::::: cpe:2.3:a:sendmail:sendmail:8.12:beta7:::::: cpe:2.3:a:sendmail:sendmail:8.11.7:::::::* cpe:2.3:a:sendmail:sendmail:8.11.6:::::::* cpe:2.3:a:sendmail:sendmail:8.11.5:::::::* cpe:2.3:a:sendmail:sendmail:8.11.4:::::::* cpe:2.3:a:sendmail:sendmail:8.11.3:::::::* cpe:2.3:a:sendmail:sendmail:8.11.2:::::::* cpe:2.3:a:sendmail:sendmail:8.11.1:::::::* cpe:2.3:a:sendmail:sendmail:8.11.0:::::::* cpe:2.3:a:sendmail:sendmail:8.10.2:::::::* cpe:2.3:a:sendmail:sendmail:8.10.1:::::::* cpe:2.3:a:sendmail:sendmail:8.10.0:::::::* cpe:2.3:a:sendmail:sendmail:8.10:::::::* cpe:2.3:a:sendmail:sendmail:5.65:::::::* cpe:2.3:a:sendmail:sendmail:5.61:::::::* cpe:2.3:a:sendmail:sendmail:5.59:::::::* cpe:2.3:a:sendmail:sendmail:5:::::::* cpe:2.3:a:sendmail:sendmail:4.55:::::::* cpe:2.3:a:sendmail:sendmail:4.1:::::::* cpe:2.3:a:sendmail:sendmail:3.0.3:::::::* cpe:2.3:a:sendmail:sendmail:3.0.2:::::::* cpe:2.3:a:sendmail:sendmail:3.0.2::nt::::: cpe:2.3:a:sendmail:sendmail:3.0.1:::::::* cpe:2.3:a:sendmail:sendmail:3.0.1::nt::::: cpe:2.3:a:sendmail:sendmail:3.0:::::::* cpe:2.3:a:sendmail:sendmail:3.0::nt::::: cpe:2.3:a:sendmail:sendmail:2.6.2:::::::* cpe:2.3:a:sendmail:sendmail:2.6.1:::::::* cpe:2.3:a:sendmail:sendmail:2.6.1::nt::::: cpe:2.3:a:sendmail:sendmail:2.6:::::::* cpe:2.3:a:sendmail:sendmail:2.6::nt::::: cpe:2.3:a:sendmail:sendmail::::::::	73

OpenVAS Exploits

Date	Description
2012-08-10	Name : Gentoo Security Advisory GLSA 201206-30 (sendmail) File : nvt/glsa_201206_30.nasl
2011-02-18	Name : RedHat Update for sendmail RHSA-2011:0262-01 File : nvt/gb_RHSA-2011_0262-01_sendmail.nasl
2010-06-25	Name : Fedora Update for sendmail FEDORA-2010-5470 File : nvt/gb_fedora_2010_5470_sendmail_fc12.nasl
2010-06-18	Name : Fedora Update for sendmail FEDORA-2010-5399 File : nvt/gb_fedora_2010_5399_sendmail_fc11.nasl
2010-04-06	Name : RedHat Update for sendmail RHSA-2010:0237-05 File : nvt/gb_RHSA-2010_0237-05_sendmail.nasl
2010-03-31	Name : HP-UX Update for sendmail with STARTTLS Enabled HPSBUX02508 File : nvt/gb_hp_ux_HPSBUX02508.nasl
2010-01-19	Name : Mandriva Update for sendmail MDVSA-2010:003 (sendmail) File : nvt/gb_mandriva_MDVSA_2010_003.nasl
2010-01-04	Name : Sendmail NULL Character CA SSL Certificate Validation Security Bypass Vulnera... File : nvt/sendmail_37543.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
62373	Sendmail X.509 Certificate Null Character MiTM Spoofing Weakness

Information Assurance Vulnerability Management (IAVM)

Date	Description
2010-01-07	IAVM : 2010-A-0002 - Sendmail SSL Certificate Validation Vulnerability Severity : Category I - VMSKEY : V0022182

Nessus® Vulnerability Scanner

Date	Description
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0262.nasl - Type : ACT_GATHER_INFO
2013-01-24	Name : The remote AIX host is missing a security patch. File : aix_IZ72510.nasl - Type : ACT_GATHER_INFO
2013-01-24	Name : The remote AIX host is missing a security patch. File : aix_IZ72837.nasl - Type : ACT_GATHER_INFO
2013-01-24	Name : The remote AIX host is missing a security patch. File : aix_IZ72836.nasl - Type : ACT_GATHER_INFO
2013-01-24	Name : The remote AIX host is missing a security patch. File : aix_IZ72835.nasl - Type : ACT_GATHER_INFO
2013-01-24	Name : The remote AIX host is missing a security patch. File : aix_IZ72528.nasl - Type : ACT_GATHER_INFO
2013-01-24	Name : The remote AIX host is missing a security patch. File : aix_IZ72515.nasl - Type : ACT_GATHER_INFO
2013-01-24	Name : The remote AIX host is missing a security patch. File : aix_IZ72834.nasl - Type : ACT_GATHER_INFO
2013-01-24	Name : The remote AIX host is missing a security patch. File : aix_IZ70637.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110216_sendmail_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100330_sendmail_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-06-26	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201206-30.nasl - Type : ACT_GATHER_INFO
2011-04-22	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0262.nasl - Type : ACT_GATHER_INFO
2010-10-11	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_sendmail-6860.nasl - Type : ACT_GATHER_INFO
2010-07-01	Name : The remote Fedora host is missing a security update. File : fedora_2010-5470.nasl - Type : ACT_GATHER_INFO
2010-07-01	Name : The remote Fedora host is missing a security update. File : fedora_2010-5399.nasl - Type : ACT_GATHER_INFO
2010-05-11	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0237.nasl - Type : ACT_GATHER_INFO
2010-03-02	Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12590.nasl - Type : ACT_GATHER_INFO
2010-03-01	Name : The remote openSUSE host is missing a security update. File : suse_11_0_rmail-100218.nasl - Type : ACT_GATHER_INFO
2010-03-01	Name : The remote openSUSE host is missing a security update. File : suse_11_1_rmail-100218.nasl - Type : ACT_GATHER_INFO
2010-03-01	Name : The remote openSUSE host is missing a security update. File : suse_11_2_rmail-100218.nasl - Type : ACT_GATHER_INFO
2010-03-01	Name : The remote SuSE 11 host is missing a security update. File : suse_11_rmail-100218.nasl - Type : ACT_GATHER_INFO
2010-03-01	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_sendmail-6859.nasl - Type : ACT_GATHER_INFO
2010-02-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1985.nasl - Type : ACT_GATHER_INFO
2010-01-13	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-003.nasl - Type : ACT_GATHER_INFO
2010-01-05	Name : The remote mail server is susceptible to a man-in-the-middle attack. File : sendmail_8_14_4.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source	Url
BID	http://www.securityfocus.com/bid/37543
CONFIRM	http://www.sendmail.org/releases/8.14.4
DEBIAN	http://www.debian.org/security/2010/dsa-1985
GENTOO	http://security.gentoo.org/glsa/glsa-201206-30.xml
HP	http://marc.info/?l=bugtraq&m=126953289726317&w=2
OVAL	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova... https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
REDHAT	http://www.redhat.com/support/errata/RHSA-2011-0262.html
SECUNIA	http://secunia.com/advisories/37998 http://secunia.com/advisories/38314 http://secunia.com/advisories/38915 http://secunia.com/advisories/39088 http://secunia.com/advisories/40109 http://secunia.com/advisories/43366
SUNALERT	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021797.1-1
SUSE	http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html
VUPEN	http://www.vupen.com/english/advisories/2009/3661 http://www.vupen.com/english/advisories/2010/0719 http://www.vupen.com/english/advisories/2010/1386 http://www.vupen.com/english/advisories/2011/0415

Alert History

If you want to see full details history, please login or register.

Date	Informations
2022-04-05 01:07:57	Multiple Updates
2021-05-05 01:06:29	Multiple Updates
2021-05-04 12:10:39	Multiple Updates
2021-04-22 01:11:08	Multiple Updates
2020-05-23 01:41:15	Multiple Updates
2020-05-23 00:24:46	Multiple Updates
2017-09-19 09:23:32	Multiple Updates
2016-04-26 19:22:05	Multiple Updates
2014-02-17 10:52:49	Multiple Updates
2013-11-11 12:38:30	Multiple Updates
2013-05-11 00:03:52	Multiple Updates
2013-04-05 13:18:36	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	7
CPE ID(s)	73
Sources(s)	20
osvdb(s)	1
Openvas Exploit(s)	8
IAVM(s)	1
Nessus® Exploit(s)	26

	Related
7.5	RHSA-2011:0262
7.5	RHSA-2010:0237
7.5	MDVSA-2010:003
7.5	HPSBUX02508 SSR...
7.5	GLSA-201206-30
7.5	DSA-1985
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 6 more Alert(s)

7.5 - CVE-2009-4565

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Information Assurance Vulnerability Management (IAVM)

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU