DEBIAN-CVE-2009-0025

DEBIAN-CVE-2009-0025 PUBLISHED

BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

Affected Products

Vendor	Product	Versions
Debian:14	bind9	0, 0, 0
Debian:12	bind9	0, 0, 0
Debian:11	bind9	0, 0, 0
Debian:13	bind9	0, 0, 0

Timeline

Jan 7, 2009 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2009-0025 advisory

Open in Interactive Console →