CVE-2009-2408 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2009-2408 Interim 1 19 2024-10-24T02:07:41Z current 2021-05-30T12:47:38Z 2024-10-24T02:07:41Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2009-2408 Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/475UKY5X2WLJMXQ4S5LC62MFIPPFCHUH/#475UKY5X2WLJMXQ4S5LC62MFIPPFCHUH E-Mail link for SUSE-SA:2009:048 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ONCZEJ2OSRDB5UJWYUEBLKJ7IUHPOR62/#ONCZEJ2OSRDB5UJWYUEBLKJ7IUHPOR62 E-Mail link for SUSE-SR:2009:016 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VMEAISLN34UWMY72L5AVPLMJAVE4JTFW/#VMEAISLN34UWMY72L5AVPLMJAVE4JTFW E-Mail link for SUSE-SR:2009:018 https://www.suse.com/support/kb/doc/?id=7021279 E-Mail link for TID7021279 https://www.suse.com/support/kb/doc/?id=7021518 E-Mail link for TID7021518 https://www.suse.com/support/kb/doc/?id=7021676 E-Mail link for TID7021676 https://www.suse.com/support/kb/doc/?id=7021848 E-Mail link for TID7021848 https://www.suse.com/support/kb/doc/?id=7022090 E-Mail link for TID7022090 https://www.suse.com/support/kb/doc/?id=7022102 E-Mail link for TID7022102 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Desktop 11 SUSE Linux Enterprise Software Development Kit 11 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Software Development Kit 11 SUSE Linux Enterprise Server for SAP Applications 11 SUSE Linux Enterprise Software Development Kit 11 libfreebl3-3.12.3.1-1.1.1 libfreebl3-32bit-3.12.3.1-1.1.1 libfreebl3-x86-3.12.8-1.2.1 libldap-2_4-2 libldap-2_4-2-2.4.12-7.18.1 libldap-2_4-2-32bit-2.4.12-7.18.1 libldap-2_4-2-x86-2.4.12-7.19.1 libneon27-0.28.3-2.12.1 libneon27-32bit-0.28.3-2.12.1 libneon27-x86-0.28.3-2.12.1 mozilla-nspr-32bit-4.8.6-1.2.1 mozilla-nspr-4.8.6-1.2.1 mozilla-nspr-x86-4.8.6-1.2.1 mozilla-nss-3.12.3.1-1.1.1 mozilla-nss-32bit-3.12.3.1-1.1.1 mozilla-nss-tools-3.12.3.1-1.1.1 mozilla-nss-x86-3.12.8-1.2.1 mutt-1.5.17-42.32.2 neon-0.28.3-2.12.1 openldap2-2.4.12-7.18.1 openldap2-back-meta-2.4.12-7.18.1 openldap2-client openldap2-client-2.4.12-7.18.1 zlib-1.2.3-106.34 zlib-32bit-1.2.3-106.34 zlib-x86-1.2.3-106.34 libfreebl3-3.12.3.1-1.1.1 as a component of SUSE Linux Enterprise Server 11 libfreebl3-32bit-3.12.3.1-1.1.1 as a component of SUSE Linux Enterprise Server 11 libfreebl3-x86-3.12.8-1.2.1 as a component of SUSE Linux Enterprise Server 11 libldap-2_4-2-2.4.12-7.18.1 as a component of SUSE Linux Enterprise Server 11 libldap-2_4-2-32bit-2.4.12-7.18.1 as a component of SUSE Linux Enterprise Server 11 libldap-2_4-2-x86-2.4.12-7.19.1 as a component of SUSE Linux Enterprise Server 11 libneon27-0.28.3-2.12.1 as a component of SUSE Linux Enterprise Server 11 libneon27-32bit-0.28.3-2.12.1 as a component of SUSE Linux Enterprise Server 11 libneon27-x86-0.28.3-2.12.1 as a component of SUSE Linux Enterprise Server 11 mozilla-nspr-4.8.6-1.2.1 as a component of SUSE Linux Enterprise Server 11 mozilla-nspr-32bit-4.8.6-1.2.1 as a component of SUSE Linux Enterprise Server 11 mozilla-nspr-x86-4.8.6-1.2.1 as a component of SUSE Linux Enterprise Server 11 mozilla-nss-3.12.3.1-1.1.1 as a component of SUSE Linux Enterprise Server 11 mozilla-nss-32bit-3.12.3.1-1.1.1 as a component of SUSE Linux Enterprise Server 11 mozilla-nss-tools-3.12.3.1-1.1.1 as a component of SUSE Linux Enterprise Server 11 mozilla-nss-x86-3.12.8-1.2.1 as a component of SUSE Linux Enterprise Server 11 mutt-1.5.17-42.32.2 as a component of SUSE Linux Enterprise Server 11 neon-0.28.3-2.12.1 as a component of SUSE Linux Enterprise Server 11 openldap2-2.4.12-7.18.1 as a component of SUSE Linux Enterprise Server 11 openldap2-back-meta-2.4.12-7.18.1 as a component of SUSE Linux Enterprise Server 11 openldap2-client-2.4.12-7.18.1 as a component of SUSE Linux Enterprise Server 11 zlib-1.2.3-106.34 as a component of SUSE Linux Enterprise Server 11 zlib-32bit-1.2.3-106.34 as a component of SUSE Linux Enterprise Server 11 zlib-x86-1.2.3-106.34 as a component of SUSE Linux Enterprise Server 11 libfreebl3-3.12.3.1-1.1.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 libfreebl3-32bit-3.12.3.1-1.1.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 libfreebl3-x86-3.12.8-1.2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 libldap-2_4-2-2.4.12-7.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 libldap-2_4-2-32bit-2.4.12-7.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 libldap-2_4-2-x86-2.4.12-7.19.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 libneon27-0.28.3-2.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 libneon27-32bit-0.28.3-2.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 libneon27-x86-0.28.3-2.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 mozilla-nspr-4.8.6-1.2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 mozilla-nspr-32bit-4.8.6-1.2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 mozilla-nspr-x86-4.8.6-1.2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 mozilla-nss-3.12.3.1-1.1.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 mozilla-nss-32bit-3.12.3.1-1.1.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 mozilla-nss-tools-3.12.3.1-1.1.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 mozilla-nss-x86-3.12.8-1.2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 mutt-1.5.17-42.32.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 neon-0.28.3-2.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 openldap2-2.4.12-7.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 openldap2-back-meta-2.4.12-7.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 openldap2-client-2.4.12-7.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 zlib-1.2.3-106.34 as a component of SUSE Linux Enterprise Server for SAP Applications 11 zlib-32bit-1.2.3-106.34 as a component of SUSE Linux Enterprise Server for SAP Applications 11 zlib-x86-1.2.3-106.34 as a component of SUSE Linux Enterprise Server for SAP Applications 11 openldap2-client as a component of SUSE Linux Enterprise Desktop 11 libldap-2_4-2 as a component of SUSE Linux Enterprise Server 11 openldap2-client as a component of SUSE Linux Enterprise Server 11 openldap2-client as a component of SUSE Linux Enterprise Software Development Kit 11 Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5. CVE-2009-2408 SUSE Linux Enterprise Server 11:libfreebl3-3.12.3.1-1.1.1 SUSE Linux Enterprise Server 11:libfreebl3-32bit-3.12.3.1-1.1.1 SUSE Linux Enterprise Server 11:libfreebl3-x86-3.12.8-1.2.1 SUSE Linux Enterprise Server 11:libldap-2_4-2-2.4.12-7.18.1 SUSE Linux Enterprise Server 11:libldap-2_4-2-32bit-2.4.12-7.18.1 SUSE Linux Enterprise Server 11:libldap-2_4-2-x86-2.4.12-7.19.1 SUSE Linux Enterprise Server 11:libneon27-0.28.3-2.12.1 SUSE Linux Enterprise Server 11:libneon27-32bit-0.28.3-2.12.1 SUSE Linux Enterprise Server 11:libneon27-x86-0.28.3-2.12.1 SUSE Linux Enterprise Server 11:mozilla-nspr-4.8.6-1.2.1 SUSE Linux Enterprise Server 11:mozilla-nspr-32bit-4.8.6-1.2.1 SUSE Linux Enterprise Server 11:mozilla-nspr-x86-4.8.6-1.2.1 SUSE Linux Enterprise Server 11:mozilla-nss-3.12.3.1-1.1.1 SUSE Linux Enterprise Server 11:mozilla-nss-32bit-3.12.3.1-1.1.1 SUSE Linux Enterprise Server 11:mozilla-nss-tools-3.12.3.1-1.1.1 SUSE Linux Enterprise Server 11:mozilla-nss-x86-3.12.8-1.2.1 SUSE Linux Enterprise Server 11:mutt-1.5.17-42.32.2 SUSE Linux Enterprise Server 11:neon-0.28.3-2.12.1 SUSE Linux Enterprise Server 11:openldap2-2.4.12-7.18.1 SUSE Linux Enterprise Server 11:openldap2-back-meta-2.4.12-7.18.1 SUSE Linux Enterprise Server 11:openldap2-client-2.4.12-7.18.1 SUSE Linux Enterprise Server 11:zlib-1.2.3-106.34 SUSE Linux Enterprise Server 11:zlib-32bit-1.2.3-106.34 SUSE Linux Enterprise Server 11:zlib-x86-1.2.3-106.34 SUSE Linux Enterprise Server for SAP Applications 11:libfreebl3-3.12.3.1-1.1.1 SUSE Linux Enterprise Server for SAP Applications 11:libfreebl3-32bit-3.12.3.1-1.1.1 SUSE Linux Enterprise Server for SAP Applications 11:libfreebl3-x86-3.12.8-1.2.1 SUSE Linux Enterprise Server for SAP Applications 11:libldap-2_4-2-2.4.12-7.18.1 SUSE Linux Enterprise Server for SAP Applications 11:libldap-2_4-2-32bit-2.4.12-7.18.1 SUSE Linux Enterprise Server for SAP Applications 11:libldap-2_4-2-x86-2.4.12-7.19.1 SUSE Linux Enterprise Server for SAP Applications 11:libneon27-0.28.3-2.12.1 SUSE Linux Enterprise Server for SAP Applications 11:libneon27-32bit-0.28.3-2.12.1 SUSE Linux Enterprise Server for SAP Applications 11:libneon27-x86-0.28.3-2.12.1 SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nspr-4.8.6-1.2.1 SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nspr-32bit-4.8.6-1.2.1 SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nspr-x86-4.8.6-1.2.1 SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nss-3.12.3.1-1.1.1 SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nss-32bit-3.12.3.1-1.1.1 SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nss-tools-3.12.3.1-1.1.1 SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nss-x86-3.12.8-1.2.1 SUSE Linux Enterprise Server for SAP Applications 11:mutt-1.5.17-42.32.2 SUSE Linux Enterprise Server for SAP Applications 11:neon-0.28.3-2.12.1 SUSE Linux Enterprise Server for SAP Applications 11:openldap2-2.4.12-7.18.1 SUSE Linux Enterprise Server for SAP Applications 11:openldap2-back-meta-2.4.12-7.18.1 SUSE Linux Enterprise Server for SAP Applications 11:openldap2-client-2.4.12-7.18.1 SUSE Linux Enterprise Server for SAP Applications 11:zlib-1.2.3-106.34 SUSE Linux Enterprise Server for SAP Applications 11:zlib-32bit-1.2.3-106.34 SUSE Linux Enterprise Server for SAP Applications 11:zlib-x86-1.2.3-106.34 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N