ID CVE-2009-2474
Summary neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
References
Vulnerable Configurations
  • cpe:2.3:a:webdav:neon:0.28.1
    cpe:2.3:a:webdav:neon:0.28.1
  • cpe:2.3:a:webdav:neon:0.28.2
    cpe:2.3:a:webdav:neon:0.28.2
  • cpe:2.3:a:webvdav:neon:0.15.1
    cpe:2.3:a:webvdav:neon:0.15.1
  • cpe:2.3:a:webdav:neon:0.15.2
    cpe:2.3:a:webdav:neon:0.15.2
  • cpe:2.3:a:webdav:neon:0.15.3
    cpe:2.3:a:webdav:neon:0.15.3
  • cpe:2.3:a:webdav:neon:0.16.1
    cpe:2.3:a:webdav:neon:0.16.1
  • cpe:2.3:a:webdav:neon:0.17.1
    cpe:2.3:a:webdav:neon:0.17.1
  • cpe:2.3:a:webdav:neon:0.17.2
    cpe:2.3:a:webdav:neon:0.17.2
  • cpe:2.3:a:webdav:neon:0.17.0
    cpe:2.3:a:webdav:neon:0.17.0
  • cpe:2.3:a:webdav:neon:0.18.0
    cpe:2.3:a:webdav:neon:0.18.0
  • cpe:2.3:a:webdav:neon:0.18.5
    cpe:2.3:a:webdav:neon:0.18.5
  • cpe:2.3:a:webdav:neon:0.18.4
    cpe:2.3:a:webdav:neon:0.18.4
  • cpe:2.3:a:webdav:neon:0.18.3
    cpe:2.3:a:webdav:neon:0.18.3
  • cpe:2.3:a:webdav:neon:0.18.2
    cpe:2.3:a:webdav:neon:0.18.2
  • cpe:2.3:a:webdav:neon:0.18.1
    cpe:2.3:a:webdav:neon:0.18.1
  • cpe:2.3:a:webdav:neon:0.20.0
    cpe:2.3:a:webdav:neon:0.20.0
  • cpe:2.3:a:webdav:neon:0.19.0
    cpe:2.3:a:webdav:neon:0.19.0
  • cpe:2.3:a:webdav:neon:0.19.2
    cpe:2.3:a:webdav:neon:0.19.2
  • cpe:2.3:a:webdav:neon:0.19.1
    cpe:2.3:a:webdav:neon:0.19.1
  • cpe:2.3:a:webdav:neon:0.19.3
    cpe:2.3:a:webdav:neon:0.19.3
  • cpe:2.3:a:webdav:neon:0.19.4
    cpe:2.3:a:webdav:neon:0.19.4
  • cpe:2.3:a:webdav:neon:0.1.0
    cpe:2.3:a:webdav:neon:0.1.0
  • cpe:2.3:a:webdav:neon:0.1.1
    cpe:2.3:a:webdav:neon:0.1.1
  • cpe:2.3:a:webdav:neon:0.11.0
    cpe:2.3:a:webdav:neon:0.11.0
  • cpe:2.3:a:webdav:neon:0.10.0
    cpe:2.3:a:webdav:neon:0.10.0
  • cpe:2.3:a:webdav:neon:0.12.0
    cpe:2.3:a:webdav:neon:0.12.0
  • cpe:2.3:a:webdav:neon:0.13.0
    cpe:2.3:a:webdav:neon:0.13.0
  • cpe:2.3:a:webdav:neon:0.2.0
    cpe:2.3:a:webdav:neon:0.2.0
  • cpe:2.3:a:webdav:neon:0.2.1
    cpe:2.3:a:webdav:neon:0.2.1
  • cpe:2.3:a:webdav:neon:0.21.0
    cpe:2.3:a:webdav:neon:0.21.0
  • cpe:2.3:a:webdav:neon:0.21.1
    cpe:2.3:a:webdav:neon:0.21.1
  • cpe:2.3:a:webdav:neon:0.21.2
    cpe:2.3:a:webdav:neon:0.21.2
  • cpe:2.3:a:webdav:neon:0.21.3
    cpe:2.3:a:webdav:neon:0.21.3
  • cpe:2.3:a:webdav:neon:0.22.0
    cpe:2.3:a:webdav:neon:0.22.0
  • cpe:2.3:a:webdav:neon:0.23.0
    cpe:2.3:a:webdav:neon:0.23.0
  • cpe:2.3:a:webdav:neon:0.23.1
    cpe:2.3:a:webdav:neon:0.23.1
  • cpe:2.3:a:webdav:neon:0.23.2
    cpe:2.3:a:webdav:neon:0.23.2
  • cpe:2.3:a:webdav:neon:0.23.3
    cpe:2.3:a:webdav:neon:0.23.3
  • cpe:2.3:a:webdav:neon:0.23.4
    cpe:2.3:a:webdav:neon:0.23.4
  • cpe:2.3:a:webdav:neon:0.23.5
    cpe:2.3:a:webdav:neon:0.23.5
  • cpe:2.3:a:webdav:neon:0.23.6
    cpe:2.3:a:webdav:neon:0.23.6
  • cpe:2.3:a:webdav:neon:0.23.7
    cpe:2.3:a:webdav:neon:0.23.7
  • cpe:2.3:a:webdav:neon:0.23.8
    cpe:2.3:a:webdav:neon:0.23.8
  • cpe:2.3:a:webdav:neon:0.23.9
    cpe:2.3:a:webdav:neon:0.23.9
  • cpe:2.3:a:webdav:neon:0.24.0
    cpe:2.3:a:webdav:neon:0.24.0
  • cpe:2.3:a:webdav:neon:0.24.2
    cpe:2.3:a:webdav:neon:0.24.2
  • cpe:2.3:a:webdav:neon:0.24.3
    cpe:2.3:a:webdav:neon:0.24.3
  • cpe:2.3:a:webdav:neon:0.24.4
    cpe:2.3:a:webdav:neon:0.24.4
  • cpe:2.3:a:webdav:neon:0.24.5
    cpe:2.3:a:webdav:neon:0.24.5
  • cpe:2.3:a:webdav:neon:0.24.6
    cpe:2.3:a:webdav:neon:0.24.6
  • cpe:2.3:a:webdav:neon:0.24.7
    cpe:2.3:a:webdav:neon:0.24.7
  • cpe:2.3:a:webdav:neon:0.25.0
    cpe:2.3:a:webdav:neon:0.25.0
  • cpe:2.3:a:webdav:neon:0.25.1
    cpe:2.3:a:webdav:neon:0.25.1
  • cpe:2.3:a:webdav:neon:0.26.0
    cpe:2.3:a:webdav:neon:0.26.0
  • cpe:2.3:a:webdav:neon:0.26.1
    cpe:2.3:a:webdav:neon:0.26.1
  • cpe:2.3:a:webdav:neon:0.26.2
    cpe:2.3:a:webdav:neon:0.26.2
  • cpe:2.3:a:webdav:neon:0.26.3
    cpe:2.3:a:webdav:neon:0.26.3
  • cpe:2.3:a:webdav:neon:0.26.4
    cpe:2.3:a:webdav:neon:0.26.4
  • cpe:2.3:a:webdav:neon:0.15.0
    cpe:2.3:a:webdav:neon:0.15.0
  • cpe:2.3:a:webdav:neon:0.3.0
    cpe:2.3:a:webdav:neon:0.3.0
  • cpe:2.3:a:webdav:neon:0.3.1
    cpe:2.3:a:webdav:neon:0.3.1
  • cpe:2.3:a:webdav:neon:0.4.1
    cpe:2.3:a:webdav:neon:0.4.1
  • cpe:2.3:a:webdav:neon:0.4.2
    cpe:2.3:a:webdav:neon:0.4.2
  • cpe:2.3:a:webdav:neon:0.5.0
    cpe:2.3:a:webdav:neon:0.5.0
  • cpe:2.3:a:webdav:neon:0.5.1
    cpe:2.3:a:webdav:neon:0.5.1
  • cpe:2.3:a:webdav:neon:0.27.0
    cpe:2.3:a:webdav:neon:0.27.0
  • cpe:2.3:a:webdav:neon:0.6.0
    cpe:2.3:a:webdav:neon:0.6.0
  • cpe:2.3:a:webdav:neon:0.7.0
    cpe:2.3:a:webdav:neon:0.7.0
  • cpe:2.3:a:webdav:neon:0.7.1
    cpe:2.3:a:webdav:neon:0.7.1
  • cpe:2.3:a:webdav:neon:0.7.2
    cpe:2.3:a:webdav:neon:0.7.2
  • cpe:2.3:a:webdav:neon:0.7.3
    cpe:2.3:a:webdav:neon:0.7.3
  • cpe:2.3:a:webdav:neon:0.7.4
    cpe:2.3:a:webdav:neon:0.7.4
  • cpe:2.3:a:webdav:neon:0.7.5
    cpe:2.3:a:webdav:neon:0.7.5
  • cpe:2.3:a:webdav:neon:0.7.6
    cpe:2.3:a:webdav:neon:0.7.6
  • cpe:2.3:a:webdav:neon:0.7.7
    cpe:2.3:a:webdav:neon:0.7.7
  • cpe:2.3:a:webdav:neon:0.8.0
    cpe:2.3:a:webdav:neon:0.8.0
  • cpe:2.3:a:webdav:neon:0.8.1
    cpe:2.3:a:webdav:neon:0.8.1
  • cpe:2.3:a:webdav:neon:0.9.0
    cpe:2.3:a:webdav:neon:0.9.0
  • cpe:2.3:a:webdav:neon:0.9.1
    cpe:2.3:a:webdav:neon:0.9.1
  • cpe:2.3:a:webdav:neon:0.14.0
    cpe:2.3:a:webdav:neon:0.14.0
  • cpe:2.3:a:webdav:neon:0.24.1
    cpe:2.3:a:webdav:neon:0.24.1
  • cpe:2.3:a:webdav:neon:0.25.2
    cpe:2.3:a:webdav:neon:0.25.2
  • cpe:2.3:a:webdav:neon:0.25.3
    cpe:2.3:a:webdav:neon:0.25.3
  • cpe:2.3:a:webdav:neon:0.25.4
    cpe:2.3:a:webdav:neon:0.25.4
  • cpe:2.3:a:webdav:neon:0.27.1
    cpe:2.3:a:webdav:neon:0.27.1
  • cpe:2.3:a:webdav:neon:0.27.2
    cpe:2.3:a:webdav:neon:0.27.2
  • cpe:2.3:a:webdav:neon:0.28.3
    cpe:2.3:a:webdav:neon:0.28.3
  • cpe:2.3:a:webdav:neon:0.28.4
    cpe:2.3:a:webdav:neon:0.28.4
  • cpe:2.3:a:webdav:neon:0.16.0
    cpe:2.3:a:webdav:neon:0.16.0
  • cpe:2.3:a:webdav:neon:0.28.5
    cpe:2.3:a:webdav:neon:0.28.5
  • cpe:2.3:a:webdav:neon:0.28.0
    cpe:2.3:a:webdav:neon:0.28.0
CVSS
Base: 6.8 (as of 21-08-2009 - 14:29)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_6_5.NASL
    description The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.5. Mac OS X 10.6.5 contains security fixes for the following products : - AFP Server - Apache mod_perl - Apache - AppKit - ATS - CFNetwork - CoreGraphics - CoreText - CUPS - Directory Services - diskdev_cmds - Disk Images - Flash Player plug-in - gzip - Image Capture - ImageIO - Image RAW - Kernel - MySQL - neon - Networking - OpenLDAP - OpenSSL - Password Server - PHP - Printing - python - QuickLook - QuickTime - Safari RSS - Time Machine - Wiki Server - X11 - xar
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 50548
    published 2010-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=50548
    title Mac OS X 10.6.x < 10.6.5 Multiple Vulnerabilities
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2009-1452.NASL
    description Updated neon packages that fix two security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. neon is an HTTP and WebDAV client library, with a C interface. It provides a high-level interface to HTTP and WebDAV methods along with a low-level interface for HTTP request handling. neon supports persistent connections, proxy servers, basic, digest and Kerberos authentication, and has complete SSL support. It was discovered that neon is affected by the previously published 'null prefix attack', caused by incorrect handling of NULL characters in X.509 certificates. If an attacker is able to get a carefully-crafted certificate signed by a trusted Certificate Authority, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse an application using the neon library into accepting it by mistake. (CVE-2009-2474) A denial of service flaw was found in the neon Extensible Markup Language (XML) parser. A remote attacker (malicious DAV server) could provide a specially crafted XML document that would cause excessive memory and CPU consumption if an application using the neon XML parser was tricked into processing it. (CVE-2009-2473) All neon users should upgrade to these updated packages, which contain backported patches to correct these issues. Applications using the neon HTTP and WebDAV client library, such as cadaver, must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 43792
    published 2010-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43792
    title CentOS 4 / 5 : neon (CESA-2009:1452)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20090921_NEON_ON_SL4_X.NASL
    description CVE-2009-2473 neon, gnome-vfs2 embedded neon: billion laughs DoS attack CVE-2009-2474 neon: Improper verification of x509v3 certificate with NULL (zero) byte in certain fields It was discovered that neon is affected by the previously published 'null prefix attack', caused by incorrect handling of NULL characters in X.509 certificates. If an attacker is able to get a carefully-crafted certificate signed by a trusted Certificate Authority, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse an application using the neon library into accepting it by mistake. (CVE-2009-2474) A denial of service flaw was found in the neon Extensible Markup Language (XML) parser. A remote attacker (malicious DAV server) could provide a specially crafted XML document that would cause excessive memory and CPU consumption if an application using the neon XML parser was tricked into processing it. (CVE-2009-2473) Applications using the neon HTTP and WebDAV client library, such as cadaver, must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 60667
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60667
    title Scientific Linux Security Update : neon on SL4.x, SL5.x i386/x86_64
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2009-1452.NASL
    description Updated neon packages that fix two security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. neon is an HTTP and WebDAV client library, with a C interface. It provides a high-level interface to HTTP and WebDAV methods along with a low-level interface for HTTP request handling. neon supports persistent connections, proxy servers, basic, digest and Kerberos authentication, and has complete SSL support. It was discovered that neon is affected by the previously published 'null prefix attack', caused by incorrect handling of NULL characters in X.509 certificates. If an attacker is able to get a carefully-crafted certificate signed by a trusted Certificate Authority, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse an application using the neon library into accepting it by mistake. (CVE-2009-2474) A denial of service flaw was found in the neon Extensible Markup Language (XML) parser. A remote attacker (malicious DAV server) could provide a specially crafted XML document that would cause excessive memory and CPU consumption if an application using the neon XML parser was tricked into processing it. (CVE-2009-2473) All neon users should upgrade to these updated packages, which contain backported patches to correct these issues. Applications using the neon HTTP and WebDAV client library, such as cadaver, must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 41031
    published 2009-09-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41031
    title RHEL 4 / 5 : neon (RHSA-2009:1452)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-835-1.NASL
    description Joe Orton discovered that neon did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 41046
    published 2009-09-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41046
    title Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : neon, neon27 vulnerabilities (USN-835-1)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2009-315.NASL
    description A vulnerability has been found and corrected in libneo : neon before 0.28.6, when OpenSSL is used, does not properly handle a '�' (NUL) character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408 (CVE-2009-2474). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers This update provides a solution to these vulnerabilities.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 43018
    published 2009-12-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43018
    title Mandriva Linux Security Advisory : libneon (MDVSA-2009:315)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2009-8794.NASL
    description This update includes the latest release of neon, version 0.28.6. This fixes two security issues: * the 'billion laughs' attack against expat could allow a Denial of Service attack by a malicious server. (CVE-2009-2473) * an embedded NUL byte in a certificate subject name could allow an undetected MITM attack against an SSL server if a trusted CA issues such a cert. Several bug fixes are also included, notably: * X.509v1 CA certificates are trusted by default * Fix handling of some PKCS#12 certificates Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 40677
    published 2009-08-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40677
    title Fedora 10 : neon-0.28.6-1.fc10 (2009-8794)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2009-1452.NASL
    description From Red Hat Security Advisory 2009:1452 : Updated neon packages that fix two security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. neon is an HTTP and WebDAV client library, with a C interface. It provides a high-level interface to HTTP and WebDAV methods along with a low-level interface for HTTP request handling. neon supports persistent connections, proxy servers, basic, digest and Kerberos authentication, and has complete SSL support. It was discovered that neon is affected by the previously published 'null prefix attack', caused by incorrect handling of NULL characters in X.509 certificates. If an attacker is able to get a carefully-crafted certificate signed by a trusted Certificate Authority, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse an application using the neon library into accepting it by mistake. (CVE-2009-2474) A denial of service flaw was found in the neon Extensible Markup Language (XML) parser. A remote attacker (malicious DAV server) could provide a specially crafted XML document that would cause excessive memory and CPU consumption if an application using the neon XML parser was tricked into processing it. (CVE-2009-2473) All neon users should upgrade to these updated packages, which contain backported patches to correct these issues. Applications using the neon HTTP and WebDAV client library, such as cadaver, must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 67927
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67927
    title Oracle Linux 4 / 5 : neon (ELSA-2009-1452)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2009-221.NASL
    description Multiple vulnerabilities has been found and corrected in libneon0.27 : neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564 (CVE-2009-2473). neon before 0.28.6, when OpenSSL is used, does not properly handle a '�' (NUL) character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408 (CVE-2009-2474). This update provides a solution to these vulnerabilities.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 40764
    published 2009-08-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40764
    title Mandriva Linux Security Advisory : libneon0.27 (MDVSA-2009:221)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2009-8815.NASL
    description This update includes the latest release of neon, version 0.28.6. This fixes two security issues: * the 'billion laughs' attack against expat could allow a Denial of Service attack by a malicious server. (CVE-2009-2473) * an embedded NUL byte in a certificate subject name could allow an undetected MITM attack against an SSL server if a trusted CA issues such a cert. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 40683
    published 2009-08-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40683
    title Fedora 11 : neon-0.28.6-1.fc11 (2009-8815)
oval via4
accepted 2013-04-29T04:15:30.491-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
family unix
id oval:org.mitre.oval:def:11721
status accepted
submitted 2010-07-09T03:56:16-04:00
title neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
version 24
redhat via4
advisories
bugzilla
id 518223
title CVE-2009-2474 neon: Improper verification of x509v3 certificate with NULL (zero) byte in certain fields
oval
OR
  • AND
    • comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhsa:tst:20060016001
    • OR
      • AND
        • comment neon is earlier than 0:0.24.7-4.el4_8.2
          oval oval:com.redhat.rhsa:tst:20091452002
        • comment neon is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20091452003
      • AND
        • comment neon-devel is earlier than 0:0.24.7-4.el4_8.2
          oval oval:com.redhat.rhsa:tst:20091452004
        • comment neon-devel is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20091452005
  • AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhsa:tst:20070055001
    • OR
      • AND
        • comment neon is earlier than 0:0.25.5-10.el5_4.1
          oval oval:com.redhat.rhsa:tst:20091452007
        • comment neon is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20091452008
      • AND
        • comment neon-devel is earlier than 0:0.25.5-10.el5_4.1
          oval oval:com.redhat.rhsa:tst:20091452009
        • comment neon-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20091452010
rhsa
id RHSA-2009:1452
released 2009-09-21
severity Moderate
title RHSA-2009:1452: neon security update (Moderate)
rpms
  • neon-0:0.24.7-4.el4_8.2
  • neon-devel-0:0.24.7-4.el4_8.2
  • neon-0:0.25.5-10.el5_4.1
  • neon-devel-0:0.25.5-10.el5_4.1
refmap via4
apple APPLE-SA-2010-11-10-1
bid 36079
confirm http://support.apple.com/kb/HT4435
fedora
  • FEDORA-2009-8794
  • FEDORA-2009-8815
mandriva MDVSA-2009:221
mlist
  • [neon] 20090818 CVE-2009-2474: fix handling of NUL in SSL cert subject names
  • [neon] 20090818 neon: release 0.28.6 (SECURITY)
secunia
  • 36371
  • 36799
ubuntu USN-835-1
vupen ADV-2009-2341
Last major update 18-11-2010 - 01:29
Published 21-08-2009 - 13:30
Last modified 18-09-2017 - 21:29
Back to Top