Oval Definition:	oval:org.opensuse.security:def:20090021
Revision Date: 2017-09-27 Version: 1 Title: CVE-2009-0021 Description: NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077. Family: unix Class: vulnerability Status: Reference(s): CVE-2009-0021 Platform(s): Novell Linux Desktop 9 for x86 Novell Linux Desktop 9 for x86_64 Open Enterprise Server openSUSE 10.3 openSUSE 11.0 openSUSE 11.1 SUSE Linux Enterprise SDK 10 SP2 Product(s): Definition Synopsis sles10-sp2-sdk is installed AND xntp-doc less than 4.2.4p3-48.10
BACK