CVE-2009-1417

medium

Description

gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote attackers to successfully present a certificate that is (1) not yet valid or (2) no longer valid, related to lack of time checks in the _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup.

References

http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3517

http://secunia.com/advisories/34842

http://secunia.com/advisories/35211

http://security.gentoo.org/glsa/glsa-200905-04.xml

http://www.mandriva.com/security/advisories?name=MDVSA-2009:116

http://www.securityfocus.com/bid/34783

http://www.securitytracker.com/id?1022159

http://www.vupen.com/english/advisories/2009/1218

https://exchange.xforce.ibmcloud.com/vulnerabilities/50261

Details

Source: MITRE

Published: 2009-04-30

Updated: 2017-08-17

Type: CWE-310

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:gnu:gnutls:1.0.16:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.0.17:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.0.18:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.0.19:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.0.20:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.0.21:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.0.22:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.0.23:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.0.24:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.0.25:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.1.13:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.1.14:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.1.15:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.1.16:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.1.17:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.1.18:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.1.19:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.1.20:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.1.21:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.1.22:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.1.23:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.2.0:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.2.1:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.2.2:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.2.3:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.2.4:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.2.5:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.2.6:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.2.7:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.2.8:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.2.8.1a1:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.2.9:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.2.10:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.2.11:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.3.1:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.3.2:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.3.3:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.3.4:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.3.5:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.4.0:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.4.1:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.4.2:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.4.3:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.4.4:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.4.5:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.5.0:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.5.1:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.5.2:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.5.3:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.5.4:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.5.5:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.6.0:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.6.1:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.6.2:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.6.3:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.7.0:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.7.1:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.7.2:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.7.3:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.7.4:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.7.5:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.7.6:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.7.7:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.7.8:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.7.9:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.7.10:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.7.11:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.7.12:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.7.13:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.7.14:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.7.15:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.7.16:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.7.17:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.7.18:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:1.7.19:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.0.0:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.0.3:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.0.4:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.1.0:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.1.2:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.1.3:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.1.4:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.1.5:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.1.6:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.1.7:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.1.8:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.2.0:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.2.1:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.2.2:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.2.3:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.2.4:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.2.5:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.3.0:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.3.1:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.3.2:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.3.3:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.3.4:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.3.5:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.3.6:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.3.7:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.3.8:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.3.9:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.3.10:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.3.11:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.4.0:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.4.1:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.4.2:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.6.0:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.6.1:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.6.2:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.6.3:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:2.6.4:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:* versions up to 2.6.5 (inclusive)

Tenable Plugins


| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 42994 | Mandriva Linux Security Advisory : gnutls (MDVSA-2009:308) | Nessus | Mandriva Local Security Checks | high |
| 40661 | FreeBSD : GnuTLS -- multiple vulnerabilities (b31a1088-460f-11de-a11a-0022156e8794) | Nessus | FreeBSD Local Security Checks | high |
| 38885 | GLSA-200905-04 : GnuTLS: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | high |
| 38815 | Mandriva Linux Security Advisory : gnutls (MDVSA-2009:116) | Nessus | Mandriva Local Security Checks | high |