CVE-2009-4565

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.

References

http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html

http://marc.info/?l=bugtraq&m=126953289726317&w=2

http://secunia.com/advisories/37998

http://secunia.com/advisories/38314

http://secunia.com/advisories/38915

http://secunia.com/advisories/39088

http://secunia.com/advisories/40109

http://secunia.com/advisories/43366

http://security.gentoo.org/glsa/glsa-201206-30.xml

http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021797.1-1

http://www.debian.org/security/2010/dsa-1985

http://www.redhat.com/support/errata/RHSA-2011-0262.html

http://www.securityfocus.com/bid/37543

http://www.sendmail.org/releases/8.14.4

http://www.vupen.com/english/advisories/2009/3661

http://www.vupen.com/english/advisories/2010/0719

http://www.vupen.com/english/advisories/2010/1386

http://www.vupen.com/english/advisories/2011/0415

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10255

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11822

Details

Source: MITRE

Published: 2010-01-04

Updated: 2017-09-19

Type: CWE-310

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:sendmail:sendmail:2.6:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:2.6.1:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:3.0:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:4.1:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:4.55:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:5:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:5.59:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:5.61:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:5.65:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.6.7:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.7.6:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.7.7:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.7.8:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.7.9:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.7.10:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.8.8:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.9.0:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.9.1:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.9.2:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.9.3:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.10:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.10.0:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.10.1:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.10.2:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.11.0:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.11.1:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.11.2:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.11.3:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.11.4:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.11.5:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.11.6:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.11.7:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.12:beta10:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.12:beta12:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.12:beta16:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.12:beta5:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.12:beta7:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.12.8:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.12.9:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.12.10:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.13.0:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.13.1:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.13.1.2:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.13.2:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.13.3:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.13.4:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.13.5:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.13.6:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.13.7:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.13.8:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.14.1:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:8.14.2:*:*:*:*:*:*:*

cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:* versions up to 8.14.3 (inclusive)

Tenable Plugins

View all (27 total)

IDNameProductFamilySeverity
68203Oracle Linux 4 : sendmail (ELSA-2011-0262)NessusOracle Linux Local Security Checks
high
63813AIX 5.3 TL 11 : sendmail (IZ72837)NessusAIX Local Security Checks
high
63812AIX 5.3 TL 10 : sendmail (IZ72836)NessusAIX Local Security Checks
high
63811AIX 5.3 TL 9 : sendmail (IZ72835)NessusAIX Local Security Checks
high
63810AIX 5.3 TL 8 : sendmail (IZ72834)NessusAIX Local Security Checks
high
63809AIX 6.1 TL 1 : sendmail (IZ72528)NessusAIX Local Security Checks
high
63808AIX 6.1 TL 2 : sendmail (IZ72515)NessusAIX Local Security Checks
high
63807AIX 6.1 TL 3 : sendmail (IZ72510)NessusAIX Local Security Checks
high
63799AIX 6.1 TL 4 : sendmail (IZ70637)NessusAIX Local Security Checks
high
60962Scientific Linux Security Update : sendmail on SL4.x i386/x86_64NessusScientific Linux Local Security Checks
high
60774Scientific Linux Security Update : sendmail on SL5.x i386/x86_64NessusScientific Linux Local Security Checks
high
59703GLSA-201206-30 : sendmail: X.509 NULL spoofing vulnerabilityNessusGentoo Local Security Checks
high
53535RHEL 4 : sendmail (RHSA-2011:0262)NessusRed Hat Local Security Checks
high
49924SuSE 10 Security Update : sendmail (ZYPP Patch Number 6860)NessusSuSE Local Security Checks
high
47389Fedora 12 : sendmail-8.14.4-3.fc12 (2010-5470)NessusFedora Local Security Checks
high
47387Fedora 11 : sendmail-8.14.4-3.fc11 (2010-5399)NessusFedora Local Security Checks
high
46286RHEL 5 : sendmail (RHSA-2010:0237)NessusRed Hat Local Security Checks
high
44958SuSE9 Security Update : sendmail (YOU Patch Number 12590)NessusSuSE Local Security Checks
high
44935SuSE 10 Security Update : sendmail (ZYPP Patch Number 6859)NessusSuSE Local Security Checks
high
44933SuSE 11 Security Update : sendmail (SAT Patch Number 2021)NessusSuSE Local Security Checks
high
44932openSUSE Security Update : rmail (rmail-2012)NessusSuSE Local Security Checks
high
44931openSUSE Security Update : rmail (rmail-2012)NessusSuSE Local Security Checks
high
44930openSUSE Security Update : rmail (rmail-2012)NessusSuSE Local Security Checks
high
44849Debian DSA-1985-1 : sendmail - insufficient input validationNessusDebian Local Security Checks
high
43867Mandriva Linux Security Advisory : sendmail (MDVSA-2010:003)NessusMandriva Local Security Checks
high
5293Sendmail < 8.14.4 SSL Certificate NULL Character SpoofingNessus Network MonitorSMTP Servers
medium
43637Sendmail < 8.14.4 SSL Certificate NULL Character SpoofingNessusSMTP problems
high