CVE-2009-4034
Published Dec 15, 2009
Last updated 6 years ago
Overview
- Description
- PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based PostgreSQL servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended client-hostname restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5.8
- Impact score
- 4.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-310
Vendor comments
- Red HatThis issue is only security-relevant in PostgreSQL versions 8.4 and later as previous versions did not compare the connection host name with the certificate CommonName at all. Client certificate authentication was introduced in version 8.4. Red Hat Enterprise Linux 5 and earlier provided PostgreSQL versions 8.1.x and earlier, and are thus not affected by this issue.
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C8DDD98-9A2D-402D-9172-F3C4C4C97FEF"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "20C8302B-631A-4DF7-839B-C6F3CC39E000"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FB318EB9-1B49-452A-92CF-89D9BA990AB9"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5913A53B-7B72-4CBD-ADAE-318333EB8B7B"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "815E58C0-327D-4F14-B496-05FC8179627E"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3EF2D056-5120-4F98-8343-4EC31F962CFE"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "516E0E86-3D8A-43F9-9DD5-865F5C889FC4"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A7A9D3C-4BB6-4974-BF96-6E6728196F4E"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "486EDE1B-37E0-4DDF-BFC9-C8C8945D5E2A"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7FC7F18-B227-4C46-9A33-FB34DDE456CC"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BCDB903F-0C89-4E65-857E-553CF9C192E8"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6BF8B1E-68F7-4F27-AD1F-FA02B256BDAA"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CD0DEB63-CA70-44C1-9491-E0790D1A8E21"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DA8E73E5-BA41-4FA2-8457-803A97FB00C3"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4C9B64CA-778F-405D-A441-34599246A3F0"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4975D8ED-7DCB-430F-98E1-DB165D6DA7E1"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CCBF8CDE-5E75-4DF8-AE1A-B7377953917A"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8AC4A04B-738C-4018-BB2F-FBEC8746200C"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "36A2824A-A43F-436B-B9DA-B7E283A00426"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DBBAF0F1-7A70-41DC-89A7-2EF9851E4FC0"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4A12EC07-1938-41BF-BCFC-C269668F1EBE"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "14D7CE0D-510C-46BB-8896-42DD84F57017"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.23:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1AA5858F-7DFF-460D-B862-83DD636D0A36"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.24:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4394564D-131D-41C8-AE3A-BFF44779F27B"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.25:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2CCC06DB-1C93-4DE5-AEDC-03E532DA89F9"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.26:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "62133846-C0C8-473A-A842-2A8AF50C2FD4"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B45F3BF0-9EB6-4A06-B6F7-DE95DD13EFBF"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "91D1232E-4D0A-4BDC-99F6-25AEE014E9AE"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "105E9F52-D17E-4A0B-9C46-FD32A930B1E6"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0DE2055D-AAA4-4A6A-918F-349A9749AF09"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C12409B2-161B-4F78-B7AD-3CF69DDCC574"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DD2F1DA4-6625-469D-988B-5457B68851A9"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "870F4348-6001-4C2F-A547-61964074E7C0"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E2E26D52-D95A-4547-BE6E-4F142F54A624"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4AAB2D1D-BE61-4D7C-B305-58B4F4126620"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2A5F8D8B-34C5-4EBC-BB20-4D11191238B5"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E260F1F9-0068-4289-A8E8-C30220C2E1F7"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EEE16023-9A5E-46D5-B597-E6885C224786"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84D64D74-9645-4CB7-B710-4FC26FB65B37"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BCF2794E-6B48-496B-B6CA-CDC7FC2160CA"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8EB12063-F487-4067-A7A5-4482E19D8D14"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51AE5B72-DDC5-4207-B467-A9583F3AC781"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "99398182-C98C-4B16-9DBA-B1980BDFFA54"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E6FEC1DE-A2A5-4945-95B8-75FDC9ED3B63"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "264AB44D-D014-4734-B538-09E5834EC30B"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8D5DD1E6-E190-4D75-9D27-5EFB2544B158"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3CD7F8CA-09B3-4038-B8B0-2D62A77F2478"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "64815C3D-1A1A-4525-9BCD-D89BAEACC950"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B61AFB3-818D-4A82-8C80-9CA9A1DCC090"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C0B9704E-4BA9-4389-83AB-62BC65F81D9A"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FEEC35A2-B17C-46EC-8697-9E03568339BC"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "00562C18-DD81-4B09-AF93-739AF8757A12"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6B52D093-7867-4FE8-B055-D8190103A1E6"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DF1A06EE-26BD-4CDA-AEB9-01124FC37E37"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FF855730-C61C-4FDC-96CB-57775A903421"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D93296E1-AEA2-443E-B9AA-D70535DDD093"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.1.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "992C3EC0-4C12-4FB0-8844-9EFB91DA95E3"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.1.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8E3EBF1D-D5BD-4A22-B76A-2BAB21534E70"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.1.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "02DC4E8A-A728-4734-B67A-C58C37DA90C1"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.1.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D59B0E32-9E71-4E41-BBAF-7A20008E43E4"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.1.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CA6511DE-AF52-4953-8394-37D24A732538"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.1.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51B93DC5-F632-47A5-9C58-52429B034D1A"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.1.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D011C676-47D3-4D78-9C58-749AF6C7DBDE"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.1.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFD5BE40-CF55-4C0E-BD89-5CC7DF41F6BA"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.1.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7C1EE1C3-4472-4CE2-AB60-9535C1C4AF8B"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.1.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B903334-2F67-4725-8277-6913E03BEFC3"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.1.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2F6E9049-B347-4940-B523-DBB96DBFE731"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.1.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6F1AD77C-BD28-43C9-B2CA-F60C1AD9D200"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7213327F-6909-43A7-952E-11600C28D4E3"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "10EF0EA6-C8B6-40A7-A3AE-8639CA94D5C5"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D9F645F3-9767-4FD8-94EB-1096DF24E6C3"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C342A823-EF6F-4557-9F9E-D8893EA4C2BA"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B85A443F-0802-412F-9AEE-3525311C93D4"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "06253BA8-7F1E-4C79-9B2E-197307A627F0"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2A213AB8-A5FE-4062-B895-2FC4B19F60A4"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9A3F083E-59A8-41B1-826F-2CA39BD425C9"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DE49E2D5-8EAC-49C7-B704-E626FBE7EC35"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A5059B2F-B588-463E-8E96-BC9DA129C12E"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C919AF97-9713-44F8-B742-89C438DB0B48"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "400BBC62-5D03-465B-A864-9CD479B963F8"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BC8C96F7-7F85-4E47-A05F-15E3C70AF583"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6C236CF1-72C0-4C3D-AE04-B67E3F18EEC8"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ECC98D47-8B3C-4DE6-8C45-F5B92266027F"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "05AD5D33-86F4-4BFF-BA84-02AA1347BEEB"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "02FDCF30-D0F7-48AA-9633-9CC060495F47"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "788975F6-B3F1-4C21-B963-6BA59F14B71C"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E6713D96-338B-4467-9F05-3153997F62E2"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "01EB1A77-92AD-47FB-8290-D05C9B6C19C4"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "74857259-30C7-422D-A24D-BE1E33F09466"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CD80066B-787E-496B-88FD-F0AE291468C5"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "88C9F0AB-A125-4DCD-A02B-E04D4D95FB5D"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C991F71-1E27-47A6-97DC-424FC3EF6011"
}
],
"operator": "OR"
}
]
}
]