CVE-2009-0265 - Unchecked Return Value vulnerability in ISC BIND

CVSS 7.5 - HIGH
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: HIGH
Integrity impact: NONE
Availability impact: NONE
Tags: network, low complexity, isc, CWE-252, nessus

Summary

Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and CVE-2009-0025.

Vulnerable Configurations

Part         Description  Count
Application  Isc          752

Common Weakness Enumeration (CWE)

Nessus

  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRIVA_MDVSA-2009-037.NASL
    description: Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and CVE-2009-0025. In this particular case the DSA_verify function was fixed with MDVSA-2009:002, this update does however address the RSA_verify function (CVE-2009-0265).
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 36346
    published: 2009-04-23
    reporter: This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/36346
    title: Mandriva Linux Security Advisory : bind (MDVSA-2009:037)
  • NASL family: Slackware Local Security Checks
    NASL id: SLACKWARE_SSA_2009-014-02.NASL
    description: New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix a security issue.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 54870
    published: 2011-05-28
    reporter: This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/54870
    title: Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 8.1 / 9.0 / 9.1 / current : bind (SSA:2009-014-02)
  • NASL family: F5 Networks Local Security Checks
    NASL id: F5_BIGIP_SOL11503.NASL
    description: The remote BIG-IP device is missing a patch required by a security advisory.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 78125
    published: 2014-10-10
    reporter: This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/78125
    title: F5 Networks BIG-IP : BIND 9 vulnerability (SOL11503)
  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-200903-14.NASL
    description: The remote host is affected by the vulnerability described in GLSA-200903-14 (BIND: Incorrect signature verification) BIND does not properly check the return value from the OpenSSL functions to verify DSA (CVE-2009-0025) and RSA (CVE-2009-0265) certificates. Impact : A remote attacker could bypass validation of the certificate chain to spoof DNSSEC-authenticated records. Workaround : There is no known workaround at this time.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 35812
    published: 2009-03-10
    reporter: This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/35812
    title: GLSA-200903-14 : BIND: Incorrect signature verification
  • NASL family: F5 Networks Local Security Checks
    NASL id: F5_BIGIP_SOL9754.NASL
    description: The remote BIG-IP device is missing a patch required by a security advisory.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 78228
    published: 2014-10-10
    reporter: This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/78228
    title: F5 Networks BIG-IP : BIND 9 vulnerability (SOL9754)

Statements

contributor: Joshua Bressers
last modified: 2009-01-26
organization: Red Hat
statement: Not vulnerable. This issue did not affect the versions of BIND as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.