- Home
- CVEs with nessus.description==Several vulnerabilities have been discovered in the Network Security
Service libraries. The Common Vulnerabilities and Exposures project
identifies the following problems :
- CVE-2009-2404
Moxie Marlinspike discovered that a buffer overflow in
the regular expression parser could lead to the
execution of arbitrary code.
- CVE-2009-2408
Dan Kaminsky discovered that NULL characters in
certificate names could lead to man-in-the-middle
attacks by tricking the user into accepting a rogue
certificate.
- CVE-2009-2409
Certificates with MD2 hash signatures are no longer
accepted since they're no longer considered
cryptograhically secure.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top