Vulnerability CVE-2009-0050

Vulnerability Name:

CVE-2009-0050 (CCN-47837)

Assigned:

2009-01-07

Published:

2009-01-07

Updated:

2018-10-11

Summary:

Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-20

Vulnerability Consequences:

Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2009-0050

Source: MITRE
Type: CNA
CVE-2009-0051

Source: CCN
Type: Lasso Web site
Lasso - Free Liberty Alliance Single Sign On

Source: DEBIAN
Type: DSA-1700
lasso -- incorrect API usage

Source: CCN
Type: oCERT Advisories #2008-016
multiple OpenSSL signature verification API misuse

Source: MISC
Type: UNKNOWN
http://www.ocert.org/advisories/ocert-2008-016.html

Source: BUGTRAQ
Type: UNKNOWN
20090107 [oCERT-2008-016] Multiple OpenSSL signature verification API misuses

Source: CCN
Type: BID-33151
Multiple Vendor OpenSSL 'DSA_verify' Function Signature Verification Vulnerability

Source: CCN
Type: VMSA-2009-0004
ESX Service Console updates for openssl, bind, and vim

Source: CCN
Type: ZXID Web site
ZXID Home - Open Source IdM for the Masses - SAML SSO

Source: XF
Type: UNKNOWN
openssl-dsa-verify-security-bypass(47837)

Source: XF
Type: UNKNOWN
openssl-dsa-verify-security-bypass(47837)

Vulnerable Configuration:

Configuration 1:

cpe:/a:entrouvert:lasso:1.9.9.0:*:*:*:*:*:*:*

OR cpe:/a:entrouvert:lasso:2.0.0-1:*:*:*:*:*:*:*

OR cpe:/a:entrouvert:lasso:*:*:*:*:*:*:*:* (Version <= 2.2.1-0)

Configuration CCN 1:

cpe:/a:zxid:zxid:0.28:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.27:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.26:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.25:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.22:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.21:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.20:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.19:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.18:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.17:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.16:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.15:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.14:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.13:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.12:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.11:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.10:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.9:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.8:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.7:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.6:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.5:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.4:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.3:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.2:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.1:*:*:*:*:*:*:*

OR cpe:/a:zxid:zxid:0.29:*:*:*:*:*:*:*

AND

cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

OR cpe:/a:vmware:esx_server:2.5.5:*:*:*:*:*:*:*

OR cpe:/a:vmware:esx_server:3.5:*:*:*:*:*:*:*

OR cpe:/a:vmware:esx_server:3.0.3:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:7399	P	DSA-1700 lasso -- incorrect API usage	2014-06-23
oval:org.mitre.oval:def:13694	P	DSA-1700-1 lasso -- incorrect API usage	2014-06-23
oval:org.debian:def:1700	V	incorrect API usage	2009-01-11

BACK