CVE-2009-5138

Severity

57%

Complexity

86%

Confidentiality

81%

GnuTLS before 2.7.6, when the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag is not enabled, treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates, a different vulnerability than CVE-2014-1959.

GnuTLS before 2.7.6, when the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag is not enabled, treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates, a different vulnerability than CVE-2014-1959.

CVSS 2.0 Base Score 5.8. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:N).

Overview

First reported 10 years ago

2014-03-07 00:10:00

Last updated 10 years ago

2014-04-01 05:44:00

Affected Software

GNU GnuTLS 2.7.0

2.7.0

GNU GnuTLS 2.7.1

2.7.1

GNU GnuTLS 2.7.2

2.7.2

GNU GnuTLS 2.7.3

2.7.3

GNU GnuTLS 2.7.4

2.7.4

GNU GnuTLS

References

[oss-security] 20140225 Re: Re: CVE Request - GnuTLS corrects flaw in certificate verification (3.1.x/3.2.x)

SUSE-SU-2014:0319

SUSE-SU-2014:0320

SUSE-SU-2014:0322

SUSE-SU-2014:0445

RHSA-2014:0247

57254

57260

57274

57321

[gnutls-devel] 20090109 Re: gnutls fails to use Verisign CA cert without a Basic Constraint

[oss-security] 20140227 Re: CVE Request - GnuTLS corrects flaw in certificate verification (3.1.x/3.2.x)

https://bugzilla.redhat.com/show_bug.cgi?id=1069301

https://gitorious.org/gnutls/gnutls/commit/c8dcbedd1fdc312f5b1a70fcfbc1afe235d800cd

Exploit, Patch

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.