CVE-2009-0126 (boinc_client) |
|
| BugsAlert Home > CVE-2009-0126 (boinc_client) | |
|
The decrypt_public function in lib/crypt.cpp in the client in Berkeley Open Infrastructure for Network Computing (BOINC) 6.2.14 and 6.4.5 does not check the return value from the OpenSSL RSA_public_decrypt function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. Original Source: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0126 Learn more about CVE-2009-0126 (boinc_client) |
|
| Tags: cve-2009-0126 boinc client | |
Related Items |
|
|
Installing a Secure Instant Messaging Server on Linux
|
|
|
Tobias Markus: Mozilla timeline mockup: Feedback wanted!
|
|
|
Vuln: Apache Tomcat Form Authentication Existing/Non-Existing Username Enumeration Weakness
|
|
|
TROJ_QHOST.TB
|
|
|
RedHat: Moderate: NetworkManager security update
|
|
|
FrSIRT - Sun Java System Portal Server Cross Site Scripting Vulnerability
|
|
|
CVE-2008-4199 (opera, opera9.50)
|
|