CVE-2009-4028

The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
Affected Products (NVD)
VendorProductVersion
mysqlmysql
𝑥
≤ 5.0.87
mysqlmysql
5.0.0
mysqlmysql
5.0.1
mysqlmysql
5.0.2
mysqlmysql
5.0.3
mysqlmysql
5.0.4
mysqlmysql
5.0.5
mysqlmysql
5.0.5.0.21
mysqlmysql
5.0.10
mysqlmysql
5.0.15
mysqlmysql
5.0.16
mysqlmysql
5.0.17
mysqlmysql
5.0.20
mysqlmysql
5.0.22.1.0.1
mysqlmysql
5.0.24
mysqlmysql
5.0.30
mysqlmysql
5.0.36
mysqlmysql
5.0.44
mysqlmysql
5.0.54
mysqlmysql
5.0.56
mysqlmysql
5.0.60
mysqlmysql
5.0.66
mysqlmysql
5.0.82
mysqlmysql
5.0.84
mysqlmysql
5.1.5
mysqlmysql
5.1.23
mysqlmysql
5.1.31
mysqlmysql
5.1.32
mysqlmysql
5.1.34
mysqlmysql
5.1.37
oraclemysql
5.0.0:alpha
oraclemysql
5.0.3:beta
oraclemysql
5.0.6
oraclemysql
5.0.7
oraclemysql
5.0.8
oraclemysql
5.0.11
oraclemysql
5.0.12
oraclemysql
5.0.13
oraclemysql
5.0.14
oraclemysql
5.0.18
oraclemysql
5.0.19
oraclemysql
5.0.21
oraclemysql
5.0.22
oraclemysql
5.0.23
oraclemysql
5.0.25
oraclemysql
5.0.26
oraclemysql
5.0.27
oraclemysql
5.0.30:sp1
oraclemysql
5.0.32
oraclemysql
5.0.33
oraclemysql
5.0.37
oraclemysql
5.0.38
oraclemysql
5.0.41
oraclemysql
5.0.42
oraclemysql
5.0.45
oraclemysql
5.0.50
oraclemysql
5.0.51
oraclemysql
5.0.52
oraclemysql
5.0.75
oraclemysql
5.0.77
oraclemysql
5.0.81
oraclemysql
5.0.83
oraclemysql
5.0.85
oraclemysql
5.0.86
oraclemysql
5.1
oraclemysql
5.1.1
oraclemysql
5.1.2
oraclemysql
5.1.3
oraclemysql
5.1.4
oraclemysql
5.1.6
oraclemysql
5.1.7
oraclemysql
5.1.8
oraclemysql
5.1.9
oraclemysql
5.1.10
oraclemysql
5.1.11
oraclemysql
5.1.12
oraclemysql
5.1.13
oraclemysql
5.1.14
oraclemysql
5.1.15
oraclemysql
5.1.16
oraclemysql
5.1.17
oraclemysql
5.1.18
oraclemysql
5.1.19
oraclemysql
5.1.20
oraclemysql
5.1.21
oraclemysql
5.1.22
oraclemysql
5.1.23:a
oraclemysql
5.1.24
oraclemysql
5.1.25
oraclemysql
5.1.26
oraclemysql
5.1.27
oraclemysql
5.1.28
oraclemysql
5.1.29
oraclemysql
5.1.30
oraclemysql
5.1.31:sp1
oraclemysql
5.1.33
oraclemysql
5.1.34:sp1
oraclemysql
5.1.35
oraclemysql
5.1.36
oraclemysql
5.1.37:sp1
oraclemysql
5.1.38
oraclemysql
5.1.39
oraclemysql
5.1.40
oraclemysql
5.1.40:sp1
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
mysql-dfsg
dapper
ignored
hardy
dne
intrepid
dne
jaunty
dne
karmic
dne
mysql-dfsg-4.1
dapper
ignored
hardy
dne
intrepid
dne
jaunty
dne
karmic
dne
mysql-dfsg-5.0
dapper
not-affected
hardy
not-affected
intrepid
not-affected
jaunty
not-affected
karmic
not-affected
mysql-dfsg-5.1
dapper
dne
hardy
dne
intrepid
dne
jaunty
not-affected
karmic
not-affected
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
liblz4-1
suse enterprise sap 12 SP5
1.8.0-3.5.2
fixed
suse enterprise server 12 SP5
1.8.0-3.5.2
fixed
libmariadb3
suse enterprise sap 12 SP5
3.1.22-2.35.1
fixed
suse enterprise server 12 SP5
3.1.22-2.35.1
fixed
libmariadb_plugins
suse enterprise sap 12 SP5
3.1.22-2.35.1
fixed
suse enterprise server 12 SP5
3.1.22-2.35.1
fixed
libmariadbd104-devel
suse enterprise server 15 SP1
10.4.30-150100.3.5.10
fixed
libmariadbd19
suse enterprise sap 12 SP5
10.4.30-8.5.46
fixed
suse enterprise server 12 SP5
10.4.30-8.5.46
fixed
suse enterprise server 15 SP1
10.4.30-150100.3.5.10
fixed
libmysqlclient18
suse enterprise sap 12 SP5
10.0.40.1-2.9.1
fixed
suse enterprise server 12 SP5
10.0.40.1-2.9.1
fixed
libmysqlclient18-32bit
suse enterprise sap 12 SP5
10.0.40.1-2.9.1
fixed
suse enterprise server 12 SP5
10.0.40.1-2.9.1
fixed
libmysqlclient_r18
suse enterprise desktop 12
10.0.11-6.4
fixed
suse enterprise desktop 12 SP1
10.0.21-1.17
fixed
suse enterprise desktop 12 SP2
10.0.27-12.1
fixed
suse enterprise desktop 12 SP3
10.0.30-28.1
fixed
suse enterprise desktop 12 SP4
10.0.35-1.7
fixed
suse enterprise sap 12
10.0.11-6.4
fixed
suse enterprise sap 12 SP1
10.0.21-1.17
fixed
suse enterprise sap 12 SP2
10.0.27-12.1
fixed
suse enterprise sap 12 SP3
10.0.30-28.1
fixed
suse enterprise sap 12 SP4
10.0.35-1.7
fixed
suse enterprise sap 12 SP5
10.0.40.1-2.9.1
fixed
suse enterprise server 12
10.0.11-6.4
fixed
suse enterprise server 12 SP1
10.0.21-1.17
fixed
suse enterprise server 12 SP2
10.0.27-12.1
fixed
suse enterprise server 12 SP3
10.0.30-28.1
fixed
suse enterprise server 12 SP4
10.0.35-1.7
fixed
suse enterprise server 12 SP5
10.0.40.1-2.9.1
fixed
suse enterprise workstation 12
10.0.11-6.4
fixed
suse enterprise workstation 12 SP1
10.0.21-1.17
fixed
suse enterprise workstation 12 SP2
10.0.27-12.1
fixed
suse enterprise workstation 12 SP3
10.0.30-28.1
fixed
suse enterprise workstation 12 SP4
10.0.35-1.7
fixed
suse enterprise workstation 12 SP5
10.0.40.1-2.9.1
fixed
libmysqlclient_r18-32bit
suse enterprise desktop 12
10.0.11-6.4
fixed
suse enterprise desktop 12 SP1
10.0.21-1.17
fixed
suse enterprise desktop 12 SP2
10.0.27-12.1
fixed
suse enterprise desktop 12 SP3
10.0.30-28.1
fixed
suse enterprise desktop 12 SP4
10.0.35-1.7
fixed
suse enterprise sap 12
10.0.11-6.4
fixed
suse enterprise sap 12 SP1
10.0.21-1.17
fixed
suse enterprise sap 12 SP2
10.0.27-12.1
fixed
suse enterprise sap 12 SP3
10.0.30-28.1
fixed
suse enterprise sap 12 SP4
10.0.35-1.7
fixed
suse enterprise sap 12 SP5
10.0.40.1-2.9.1
fixed
suse enterprise server 12
10.0.11-6.4
fixed
suse enterprise server 12 SP1
10.0.21-1.17
fixed
suse enterprise server 12 SP2
10.0.27-12.1
fixed
suse enterprise server 12 SP3
10.0.30-28.1
fixed
suse enterprise server 12 SP4
10.0.35-1.7
fixed
suse enterprise server 12 SP5
10.0.40.1-2.9.1
fixed
suse enterprise workstation 12
10.0.11-6.4
fixed
suse enterprise workstation 12 SP1
10.0.21-1.17
fixed
suse enterprise workstation 12 SP2
10.0.27-12.1
fixed
suse enterprise workstation 12 SP3
10.0.30-28.1
fixed
suse enterprise workstation 12 SP4
10.0.35-1.7
fixed
suse enterprise workstation 12 SP5
10.0.40.1-2.9.1
fixed
libmysqld-devel
suse enterprise sap 15
10.2.15-1.3
fixed
suse enterprise sap 15 SP1
10.2.22-3.14.1
fixed
suse enterprise server 15
10.2.15-1.3
fixed
suse enterprise server 15 SP1
10.2.22-3.14.1
fixed
libmysqld19
suse enterprise sap 15
10.2.15-1.3
fixed
suse enterprise sap 15 SP1
10.2.22-3.14.1
fixed
suse enterprise server 15
10.2.15-1.3
fixed
suse enterprise server 15 SP1
10.2.22-3.14.1
fixed
mariadb
suse enterprise sap 12 SP5
10.2.25-3.19.2
fixed
suse enterprise sap 15
10.2.15-1.3
fixed
suse enterprise sap 15 SP1
10.2.22-3.14.1
fixed
suse enterprise server 12 SP5
10.2.25-3.19.2
fixed
suse enterprise server 15
10.2.15-1.3
fixed
suse enterprise server 15 SP1
10.2.22-3.14.1
fixed
mariadb-100-errormessages
suse enterprise sap 12 SP5
10.0.40.1-2.9.1
fixed
suse enterprise server 12 SP5
10.0.40.1-2.9.1
fixed
mariadb-client
suse enterprise sap 12 SP5
10.2.25-3.19.2
fixed
suse enterprise sap 15
10.2.15-1.3
fixed
suse enterprise sap 15 SP1
10.2.22-3.14.1
fixed
suse enterprise server 12 SP5
10.2.25-3.19.2
fixed
suse enterprise server 15
10.2.15-1.3
fixed
suse enterprise server 15 SP1
10.2.22-3.14.1
fixed
mariadb-errormessages
suse enterprise sap 12 SP5
10.2.25-3.19.2
fixed
suse enterprise sap 15
10.2.15-1.3
fixed
suse enterprise sap 15 SP1
10.2.22-3.14.1
fixed
suse enterprise server 12 SP5
10.2.25-3.19.2
fixed
suse enterprise server 15
10.2.15-1.3
fixed
suse enterprise server 15 SP1
10.2.22-3.14.1
fixed
mariadb-tools
suse enterprise sap 12 SP5
10.2.25-3.19.2
fixed
suse enterprise sap 15
10.2.15-1.3
fixed
suse enterprise sap 15 SP1
10.2.22-3.14.1
fixed
suse enterprise server 12 SP5
10.2.25-3.19.2
fixed
suse enterprise server 15
10.2.15-1.3
fixed
suse enterprise server 15 SP1
10.2.22-3.14.1
fixed
mariadb104
suse enterprise sap 12 SP5
10.4.30-8.5.46
fixed
suse enterprise server 12 SP5
10.4.30-8.5.46
fixed
suse enterprise server 15 SP1
10.4.30-150100.3.5.10
fixed
mariadb104-bench
suse enterprise sap 12 SP5
10.4.30-8.5.46
fixed
suse enterprise server 12 SP5
10.4.30-8.5.46
fixed
suse enterprise server 15 SP1
10.4.30-150100.3.5.10
fixed
mariadb104-client
suse enterprise sap 12 SP5
10.4.30-8.5.46
fixed
suse enterprise server 12 SP5
10.4.30-8.5.46
fixed
suse enterprise server 15 SP1
10.4.30-150100.3.5.10
fixed
mariadb104-errormessages
suse enterprise sap 12 SP5
10.4.30-8.5.46
fixed
suse enterprise server 12 SP5
10.4.30-8.5.46
fixed
suse enterprise server 15 SP1
10.4.30-150100.3.5.10
fixed
mariadb104-galera
suse enterprise sap 12 SP5
10.4.30-8.5.46
fixed
suse enterprise server 12 SP5
10.4.30-8.5.46
fixed
suse enterprise server 15 SP1
10.4.30-150100.3.5.10
fixed
mariadb104-rpm-macros
suse enterprise sap 12 SP5
10.4.30-8.5.46
fixed
suse enterprise server 12 SP5
10.4.30-8.5.46
fixed
suse enterprise server 15 SP1
10.4.30-150100.3.5.10
fixed
mariadb104-test
suse enterprise sap 12 SP5
10.4.30-8.5.46
fixed
suse enterprise server 12 SP5
10.4.30-8.5.46
fixed
suse enterprise server 15 SP1
10.4.30-150100.3.5.10
fixed
mariadb104-tools
suse enterprise sap 12 SP5
10.4.30-8.5.46
fixed
suse enterprise server 12 SP5
10.4.30-8.5.46
fixed
suse enterprise server 15 SP1
10.4.30-150100.3.5.10
fixed
python3-mysqlclient
suse enterprise sap 12 SP5
1.3.14-8.9.2
fixed
suse enterprise server 12 SP5
1.3.14-8.9.2
fixed
suse enterprise server 15 SP1
1.4.6-150100.3.3.7
fixed
Common Weakness Enumeration
References
http://bugs.mysql.com/47320
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html
http://lists.mysql.com/commits/87446
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
http://marc.info/?l=oss-security&m=125881733826437&w=2
http://www.openwall.com/lists/oss-security/2009/11/19/3
http://www.openwall.com/lists/oss-security/2009/11/23/16
http://www.redhat.com/support/errata/RHSA-2010-0109.html
http://www.vupen.com/english/advisories/2010/1107
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10940
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8510
http://bugs.mysql.com/47320
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html
http://lists.mysql.com/commits/87446
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
http://marc.info/?l=oss-security&m=125881733826437&w=2
http://www.openwall.com/lists/oss-security/2009/11/19/3
http://www.openwall.com/lists/oss-security/2009/11/23/16
http://www.redhat.com/support/errata/RHSA-2010-0109.html
http://www.vupen.com/english/advisories/2010/1107
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10940
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8510