CVE-2009-0050
07.01.2009, 18:30
Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.Enginsight
Vendor | Product | Version |
---|---|---|
entrouvert | lasso | 𝑥 ≤ 2.2.1-0 |
entrouvert | lasso | 1.9.9.0 |
entrouvert | lasso | 2.0.0-1 |
𝑥
= Vulnerable software versions

Debian Releases

Ubuntu Releases
Common Weakness Enumeration
References