CVE-2009-0025

EPSS 0.96%

bind9 - cryptographic weakness

Published: 1/7/2009Modified: 4/28/2026

Also known as:DEBIAN-CVE-2009-0025

Description

BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

Affected packages (2)

Debian/bind9from 0, < 1:9.5.1.dfsg.P1-1
Debian/bind9from 0, < 1:9.3.4-2etch4

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-0025