CVE-2009-3767

Summary

CVE	CVE-2009-3767
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2009-10-23 19:30:00 UTC
Updated	2020-10-14 17:13:00 UTC
Description	libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.

Risk And Classification

Problem Types: CWE-295

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Apple	Mac Os X	All	All	All	All
Operating System	Apple	Mac Os X	All	All	All	All
Operating System	Fedoraproject	Fedora	11	All	All	All
Operating System	Fedoraproject	Fedora	11	All	All	All
Application	Openldap	Openldap	All	All	All	All
Application	Openldap	Openldap	All	All	All	All
Application	Openssl	Openssl	All	All	All	All
Application	Openssl	Openssl	All	All	All	All

References

Reference	Source	Link	Tags
About Security Update 2009-006 / Mac OS X v10.6.2	CONFIRM	support.apple.com	Broken Link
[security-announce] SUSE Security Summary Report: SUSE-SR:2009:016	SUSE	lists.opensuse.org	Mailing List, Third Party Advisory
Repository / Oval Repository	OVAL	oval.cisecurity.org	Third Party Advisory
Webmail - OVH	VUPEN	www.vupen.com	Third Party Advisory
APPLE-SA-2009-11-09-1 Security Update 2009-006 / Mac OS X v10.6.2	APPLE	lists.apple.com	Mailing List, Third Party Advisory
Fedora update for openldap - Secunia.com	SECUNIA	secunia.com	Third Party Advisory
Red Hat Customer Portal	REDHAT	www.redhat.com	Third Party Advisory
libraries/libldap/tls_o.c - diff - 1.11	CONFIRM	www.openldap.org	Patch, Vendor Advisory
Repository / Oval Repository	OVAL	oval.cisecurity.org	Third Party Advisory
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	VUPEN	www.vupen.com	Third Party Advisory
[SECURITY] Fedora 11 Update: openldap-2.4.15-7.fc11	FEDORA	lists.fedoraproject.org	Third Party Advisory
Red Hat update for openldap - Secunia.com	SECUNIA	secunia.com	Third Party Advisory
Support	REDHAT	www.redhat.com	Third Party Advisory
'Re: [oss-security] More CVE-2009-2408 like issues' - MARC	MLIST	marc.info	Third Party Advisory
Gentoo Linux Documentation -- OpenLDAP: Multiple vulnerabilities	GENTOO	security.gentoo.org	Third Party Advisory
'[oss-security] More CVE-2009-2408 like issues' - MARC	MLIST	marc.info	Third Party Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

Vendor Comments And Credit

Organization	Published	Contributor	Statement
Red Hat	2010-07-20	Tomas Hoger	Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-3767 This issue was addressed in the openldap packages as shipped with Red Hat Enterprise Linux 5 and 4 via: https://rhn.redhat.com/errata/RHSA-2010-0198.html and https://rhn.redhat.com/errata/RHSA-2010-0543.html respectively. The Red Hat Security Response Team has rated this issue as having moderate security impact, a future openldap update may address this flaw in Red Hat Enterprise Linux 3.
OpenLDAP	2009-10-30		OpenLDAP reported this issue and published a patch for it on 2009-07-30. The patch was included in OpenLDAP 2.4.18 which was released on 2009-09-06. The current release of OpenLDAP is available from the following location: http://www.openldap.org/software/download/

Legacy QID Mappings

900014 CBL-Mariner Linux Security Update for openssl 1.1.1g
900145 CBL-Mariner Linux Security Update for openldap 2.4.50
903234 Common Base Linux Mariner (CBL-Mariner) Security Update for Open Secure Sockets Layer (OpenSSL) (2690)
903263 Common Base Linux Mariner (CBL-Mariner) Security Update for openldap (2547)