RHSA-2010:0440

Vulnerability from csaf_redhat - Published: 2010-05-25 20:41 - Updated: 2025-11-21 17:36
Summary
Red Hat Security Advisory: rhev-hypervisor security and bug fix update
Severity
Important
Notes
Topic: An updated rhev-hypervisor package that fixes two security issues and several bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
Details: The rhev-hypervisor package provides a Red Hat Enterprise Virtualization (RHEV) Hypervisor ISO disk image. The RHEV Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: RHEV Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. It was discovered that OpenSSL did not always check the return value of the bn_wexpand() function. An attacker able to trigger a memory allocation failure in that function could cause an application using the OpenSSL library to crash or, possibly, execute arbitrary code. (CVE-2009-3245) A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handled session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session (for example, an HTTPS connection to a website). This could force the server to process an attacker's request as if authenticated using the victim's credentials. This update addresses this flaw in openssl, nss, and gnutls by implementing the TLS Renegotiation Indication Extension, as defined in RFC 5746. (CVE-2009-3555) This updated package provides updated components that include fixes for security issues; however, these issues have no security impact for RHEV Hypervisor. These fixes are for kernel issues CVE-2009-4307, CVE-2010-0727, CVE-2009-4027, and CVE-2010-1188; cpio issues CVE-2010-0624 and CVE-2007-4476; gnutls issue CVE-2009-2409; openssl issue CVE-2010-0433; and tar issues CVE-2010-0624 and CVE-2007-4476. This update also fixes the following bugs: * bridged network interfaces using the bnx2x, mlx4_en, enic and s2io drivers had Large Receive Offload (LRO) enabled by default. This caused significantly degraded network I/O performance. LRO has been disabled for all network interface drivers which have LRO enabled by default in Red Hat Enterprise Linux 5. With this change, network I/O performance is significantly improved. (BZ#576374, BZ#579730) * RHEV Hypervisor supported IPv6, but as this is not used to communicate with the RHEV Manager, it is superfluous. Support for IPv6 has now been disabled in RHEV Hypervisor. (BZ#577300) * for VLAN interfaces, the hardware (MAC) address of the interface was set only in the VLAN ifcfg script, not in the physical interface ifcfg script. This caused network interfaces with VLAN tags to intermittently fail on boot. The MAC address is now set in the ifcfg script for the underlying physical interface. Network interfaces with VLAN tags now work consistently between reboots. (BZ#581876) * the hypervisor would hang on reboot after repeated upgrade operations, due to GRUB accessing the /boot file system before it was flushed. The /boot file system is now remounted before GRUB accesses it. (BZ#591111) As RHEV Hypervisor is based on KVM, the bug fixes from the KVM update RHBA-2010:0434 have been included in this update. Also included are the bug fixes from the RHEV Manager Agent (VDSM) update RHBA-2010:0435. KVM: https://rhn.redhat.com/errata/RHBA-2010-0434.html VDSM: https://rhn.redhat.com/errata/RHBA-2010-0435.html Users of the Red Hat Enterprise Virtualization Hypervisor are advised to upgrade to this updated package, which corrects these issues.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
CVE-2009-3245

OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors.

7.6 ()
AV:N/AC:H/Au:N/C:C/I:C/A:C
CWE-476 - NULL Pointer Dereference
Affected products
Product Identifier Version Remediation
Unresolved product id: 5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch
Vendor Fix fix
Unresolved product id: 5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src
Vendor Fix fix
Unresolved product id: 5Server-RHEV-Hypervisor-2:rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch
Vendor Fix fix
Threats
Impact Important
CVE-2009-3555

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.

4.3 ()
AV:N/AC:M/Au:N/C:N/I:P/A:N
CWE-300 - Channel Accessible by Non-Endpoint
Affected products
Product Identifier Version Remediation
Unresolved product id: 5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch
Vendor Fix fix
Unresolved product id: 5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src
Vendor Fix fix
Unresolved product id: 5Server-RHEV-Hypervisor-2:rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch
Vendor Fix fix
Threats
Impact Moderate
References
To clipboard 

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An updated rhev-hypervisor package that fixes two security issues and\nseveral bugs is now available.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The rhev-hypervisor package provides a Red Hat Enterprise Virtualization\n(RHEV) Hypervisor ISO disk image. The RHEV Hypervisor is a dedicated\nKernel-based Virtual Machine (KVM) hypervisor. It includes everything\nnecessary to run and manage virtual machines: A subset of the Red Hat\nEnterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: RHEV Hypervisor is only available for the Intel 64 and AMD64\narchitectures with virtualization extensions.\n\nIt was discovered that OpenSSL did not always check the return value of\nthe bn_wexpand() function. An attacker able to trigger a memory allocation\nfailure in that function could cause an application using the OpenSSL\nlibrary to crash or, possibly, execute arbitrary code. (CVE-2009-3245)\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handled session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client\u0027s\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker\u0027s request as if authenticated using the\nvictim\u0027s credentials. This update addresses this flaw in openssl, nss, and\ngnutls by implementing the TLS Renegotiation Indication Extension, as\ndefined in RFC 5746. (CVE-2009-3555)\n\nThis updated package provides updated components that include fixes for\nsecurity issues; however, these issues have no security impact for RHEV\nHypervisor. These fixes are for kernel issues CVE-2009-4307, CVE-2010-0727,\nCVE-2009-4027, and CVE-2010-1188; cpio issues CVE-2010-0624 and\nCVE-2007-4476; gnutls issue CVE-2009-2409; openssl issue CVE-2010-0433; and\ntar issues CVE-2010-0624 and CVE-2007-4476.\n\nThis update also fixes the following bugs:\n\n* bridged network interfaces using the bnx2x, mlx4_en, enic and s2io\ndrivers had Large Receive Offload (LRO) enabled by default. This caused\nsignificantly degraded network I/O performance. LRO has been disabled for\nall network interface drivers which have LRO enabled by default in Red Hat\nEnterprise Linux 5. With this change, network I/O performance is\nsignificantly improved. (BZ#576374, BZ#579730)\n\n* RHEV Hypervisor supported IPv6, but as this is not used to communicate\nwith the RHEV Manager, it is superfluous. Support for IPv6 has now been\ndisabled in RHEV Hypervisor. (BZ#577300)\n\n* for VLAN interfaces, the hardware (MAC) address of the interface was set\nonly in the VLAN ifcfg script, not in the physical interface ifcfg script.\nThis caused network interfaces with VLAN tags to intermittently fail on\nboot. The MAC address is now set in the ifcfg script for the underlying\nphysical interface. Network interfaces with VLAN tags now work consistently\nbetween reboots. (BZ#581876)\n\n* the hypervisor would hang on reboot after repeated upgrade operations,\ndue to GRUB accessing the /boot file system before it was flushed. The\n/boot file system is now remounted before GRUB accesses it. (BZ#591111)\n\nAs RHEV Hypervisor is based on KVM, the bug fixes from the KVM update\nRHBA-2010:0434 have been included in this update. Also included are the bug\nfixes from the RHEV Manager Agent (VDSM) update RHBA-2010:0435.\n\nKVM: https://rhn.redhat.com/errata/RHBA-2010-0434.html\nVDSM: https://rhn.redhat.com/errata/RHBA-2010-0435.html\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which corrects these issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2010:0440",
        "url": "https://access.redhat.com/errata/RHSA-2010:0440"
      },
      {
        "category": "external",
        "summary": "http://www.redhat.com/security/updates/classification/#important",
        "url": "http://www.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "533125",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
      },
      {
        "category": "external",
        "summary": "570924",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=570924"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0440.json"
      }
    ],
    "title": "Red Hat Security Advisory: rhev-hypervisor security and bug fix update",
    "tracking": {
      "current_release_date": "2025-11-21T17:36:12+00:00",
      "generator": {
        "date": "2025-11-21T17:36:12+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2010:0440",
      "initial_release_date": "2010-05-25T20:41:00+00:00",
      "revision_history": [
        {
          "date": "2010-05-25T20:41:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2010-05-25T16:41:48+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:36:12+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Virtualization Hypervisor 5",
                "product": {
                  "name": "Red Hat Enterprise Virtualization Hypervisor 5",
                  "product_id": "5Server-RHEV-Hypervisor-2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::hypervisor"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Virtualization"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src",
                "product": {
                  "name": "rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src",
                  "product_id": "rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhev-hypervisor@5.4-2.1.12.1.el5_4rhev2_1?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
                "product": {
                  "name": "rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
                  "product_id": "rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhev-hypervisor@5.4-2.1.12.1.el5_4rhev2_1?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
                "product": {
                  "name": "rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
                  "product_id": "rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhev-hypervisor-pxe@5.4-2.1.12.1.el5_4rhev2_1?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch as a component of Red Hat Enterprise Virtualization Hypervisor 5",
          "product_id": "5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch"
        },
        "product_reference": "rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
        "relates_to_product_reference": "5Server-RHEV-Hypervisor-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src as a component of Red Hat Enterprise Virtualization Hypervisor 5",
          "product_id": "5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src"
        },
        "product_reference": "rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src",
        "relates_to_product_reference": "5Server-RHEV-Hypervisor-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch as a component of Red Hat Enterprise Virtualization Hypervisor 5",
          "product_id": "5Server-RHEV-Hypervisor-2:rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch"
        },
        "product_reference": "rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
        "relates_to_product_reference": "5Server-RHEV-Hypervisor-2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2009-3245",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2010-03-05T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "570924"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: missing bn_wexpand return value checks",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
          "5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src",
          "5Server-RHEV-Hypervisor-2:rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-3245"
        },
        {
          "category": "external",
          "summary": "RHBZ#570924",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=570924"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3245",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-3245"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3245",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3245"
        }
      ],
      "release_date": "2010-02-23T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2010-05-25T20:41:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
            "5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src",
            "5Server-RHEV-Hypervisor-2:rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2010:0440"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.6,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "products": [
            "5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
            "5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src",
            "5Server-RHEV-Hypervisor-2:rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "openssl: missing bn_wexpand return value checks"
    },
    {
      "cve": "CVE-2009-3555",
      "cwe": {
        "id": "CWE-300",
        "name": "Channel Accessible by Non-Endpoint"
      },
      "discovery_date": "2009-10-02T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "533125"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "TLS: MITM attacks via session renegotiation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Additional information can be found in the Red Hat Knowledgebase article:\nhttps://access.redhat.com/articles/20490",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
          "5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src",
          "5Server-RHEV-Hypervisor-2:rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-3555"
        },
        {
          "category": "external",
          "summary": "RHBZ#533125",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3555",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555"
        }
      ],
      "release_date": "2009-11-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2010-05-25T20:41:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
            "5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src",
            "5Server-RHEV-Hypervisor-2:rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2010:0440"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
            "5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src",
            "5Server-RHEV-Hypervisor-2:rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "TLS: MITM attacks via session renegotiation"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.