admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2009/CVE-2009-39xx/CVE-2009-3942.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

316 lines
12 KiB
JSON
Raw Blame History

{
"id": "CVE-2009-3942",
"sourceIdentifier": "cve@mitre.org",
"published": "2009-11-16T19:30:01.077",
"lastModified": "2010-01-28T07:00:06.127",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Martin Lambers msmtp before 1.4.19, when OpenSSL is used, does not properly handle a '\\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408."
},
{
"lang": "es",
"value": "Martin Lambers msmtp versiones anteriores a v1.4.19, cuando usa OpenSSL, no maneja adecuadamente un car\u00e1cter '\\0' en un nombre de dominio (1) en el campo nombre com\u00fan del sujeto o (2) en el campo nombre alternativo del sujeto de un certificado X.509, permitiendo que atacantes de hombre en medio (man-in-the-middle) suplantar a servidores SSL de su elecci\u00f3n mediante un certificado modificado emitido por una Autoridad de Certificaci\u00f3n leg\u00edtima, estando relacionado con el CVE-2009-2408."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-310"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.4.18",
"matchCriteriaId": "5D01B530-981C-4EF5-89E6-538ADA25D2F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "99E4CB87-6453-43EA-B969-1D26F047B868"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C28522F5-40C1-4CB2-8A21-FFF9C75B6C9B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D297F70-E8FF-45BA-A299-1B24D0616855"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEE80E9-C4FF-4AB3-8DFA-2468B01861E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1AAB4EC4-2035-4421-90ED-772E01BC6725"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "448B136B-7FCB-444F-A8AE-89DBA1308EDA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F98F29-131F-49E6-A819-89AB1CDFB8F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A9C11A-A8FC-4132-BE35-1A55A869D962"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6304EC0-8977-4164-9355-E419B2BDFE12"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D69119-DB27-4439-A4A1-20B22226D3E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86A0B3AA-EDED-4BC9-9516-23A1870C68FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FD544309-CACE-4D0E-8921-B972988939DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EDDDAAA-FE6D-4E3D-B4BA-2FDEADAE8CD8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A71A198-495A-4BA1-A66F-734E49126710"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:0.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6806D84A-C775-46CC-BD67-1FB70ACD7B60"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:0.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9267E3FC-3B89-4E9D-924E-401FA7B1872C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:0.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7F49177D-4F29-40DA-AAB4-39B71BDA8210"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:0.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C241047D-1A6C-4E49-968D-AF08881B57D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "71F0F562-4906-415B-87CE-FA17126AC186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "030746E6-A9E2-4A3C-B51F-6920B558A123"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D4E425C-24CC-4D64-9500-AA37120BDB20"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81797111-EE62-49EB-8804-BE493A5CCB2B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3EA2E59-C745-4926-B6A4-FA7512EE9B60"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB35C639-4D53-4A36-A567-F0742DE8F6BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C269D45F-7E20-4E85-8EC2-D05155750CE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "48125BDD-B875-4650-8B1D-D28C5F04208F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2AAA19-7026-4EF1-85A4-87D9B08D708B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A3BE86-51CA-4DFC-809B-D38075DC052E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "390C2B54-479E-4DE3-9816-E60251455E18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "77FB50D8-DBE6-4547-A643-3F3749F98716"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96C296F7-053B-4C68-AD20-9F2A716F9E81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B674C7D5-9F59-4604-8469-FAA003AE7F1B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "91F59DE1-329E-42E1-84CC-8CE5B032781D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "42FEED21-B6B0-4CE5-BE04-B284DEED46D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2ABFEA78-CE3C-4795-93C8-87F1EDECED1B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BAA30198-E58E-408B-96CB-52417FC51CE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E9C27411-6B62-4B1B-8E87-2653F5712E6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "237AF741-3C2A-4F55-9286-CF6FF4977557"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "D92E239B-8BD7-4DA7-BC86-4F64638C5203"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF8F0CF-A59D-4D0C-9414-BEE4B9714EE9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "11215AD3-0AB1-47B1-B55F-DC6F40DB4F5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B2D527-F99B-45A6-BF7B-D04CC28672BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3580054B-7A34-4CE3-8B43-D398858E83D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "1EF98D9C-A072-453D-B0C6-600DF595E3E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martin_lambers:msmtp:1.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "21BAABE8-97D9-49AE-A9F6-A1F49E8928BB"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00007.html",
"source": "cve@mitre.org"
},
{
"url": "http://msmtp.sourceforge.net/news.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.vupen.com/english/advisories/2009/3224",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink