Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2009-0642
Modified
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-20 Feb, 2009 | 06:47
Updated At-29 Sep, 2017 | 01:33

ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check the return value from the OCSP_basic_verify function, which might allow remote attackers to successfully present an invalid X.509 certificate, possibly involving a revoked certificate.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.06.8MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
CPE Matches
Ruby
ruby-lang
>>ruby>>1.8
cpe:2.3:a:ruby-lang:ruby:1.8:*:*:*:*:*:*:*
Ruby
ruby-lang
>>ruby>>1.9
cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-287Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513528cve@mitre.org
N/A
http://redmine.ruby-lang.org/issues/show/1091cve@mitre.org
Exploit
http://secunia.com/advisories/33750cve@mitre.org
N/A
http://secunia.com/advisories/35699cve@mitre.org
N/A
http://secunia.com/advisories/35937cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2009:193cve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2009-1140.htmlcve@mitre.org
N/A
http://www.securityfocus.com/bid/33769cve@mitre.org
N/A
http://www.securitytracker.com/id?1022505cve@mitre.org
N/A
http://www.ubuntu.com/usn/USN-805-1cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/48761cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11450cve@mitre.org
N/A
Change History
0Changes found
Details not found