VDB
CVE-2009-2409
CVE-2009-2409
PUBLISHED
Une vulnérabilité dans OpenSSL sous Debian permet à un utilisateur distant d'usurper un certificat arbitraire.
EPSS 2.22% · 84.8th percentile
Risk Scores
EPSS Score
2.22%
84.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian | N/A |
Exploit Intelligence
- A TLS server using a vendored fork of the Go TLS stack that has renegotation indication extension forcibly disabled. (github-poc)
- A TLS server using a vendored fork of the Go TLS stack that has renegotation indication extension forcibly disabled. (github-poc)
- A TLS server using a vendored fork of the Go TLS stack that has renegotation indication extension forcibly disabled. (github-poc)
- A TLS server using a vendored fork of the Go TLS stack that has renegotation indication extension forcibly disabled. (github-poc)
- A TLS server using a vendored fork of the Go TLS stack that has renegotation indication extension forcibly disabled. (github-poc)
Timeline
- Jul 30, 2009 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Jul 17, 2022 EPSS Score
- Jul 18, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 3, 2023 EPSS Score
- Feb 13, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
References
- https://cert.ssi.gouv.fr/avis/CERTA-2009-AVI-392/ advisory
- https://cert.ssi.gouv.fr/avis/CERTA-2009-AVI-487/ advisory
- http://docs.info.apple.com/article.html?artnum=HT3937 advisory
- https://cert.ssi.gouv.fr/avis/CERTA-2010-AVI-008/ advisory
- https://cert.ssi.gouv.fr/avis/CERTA-2010-AVI-461/ advisory
- http://lists.vmware.com/pipermail/security-announce/2010/000106.html advisory
- https://cert.ssi.gouv.fr/avis/CERTA-2010-AVI-583/ advisory
- https://cert.ssi.gouv.fr/avis/CERTA-2011-AVI-032/ advisory