CVE-2009-0265
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2009-0265
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and CVE-2009-0025.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
isc bind 授权问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Internet Systems Consortium (ISC) BIND 9.6.0及之前版本没有正确的检查来自OpenSSL EVP_VerifyFinal函数的返回值,这使得远程攻击者可以借助一个畸形的SL/TLS署名,绕过对信任证书链的校验。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2009-0265
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2009-0265
请登录查看更多情报信息。
- https://www.isc.org/node/373x_refsource_CONFIRM
- http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.540362vendor-advisoryx_refsource_SLACKWARE
- https://nvd.nist.gov/vuln/detail/CVE-2009-0265
Same Patch Batch · n/a · 2009-01-26 · 14 CVEs total
| CVE-2008-5965 | LokiCMS 'index.php' 目录遍历漏洞 | |
| CVE-2008-5966 | Globsy 'globsy_edit.php' 任意文件重写漏洞 | |
| CVE-2008-5967 | phpicalendar 授权问题漏洞 | |
| CVE-2008-5968 | PHP iCalendar 本地文件包含漏洞 | |
| CVE-2009-0275 | ryneezy phosheezy 代码注入漏洞 | |
| CVE-2009-0270 | Fujitsu Systemcast Wizard Lite PXE请求远程溢出漏洞 | |
| CVE-2009-0271 | fujitsu systemcastwizard_lite TFTP服务器 目录遍历漏洞 | |
| CVE-2008-5260 | axis axis_camera_control 缓冲区溢出漏洞 | |
| CVE-2009-0264 | Fujitsu Systemcast Wizard Lite Registry Tool 缓冲区溢出漏洞 | |
| CVE-2009-0266 | Triologic Media Player播放列表文件解析堆溢出漏洞 | |
| CVE-2009-0267 | Sun Solaris ’libike’ 输入验证错误漏洞 | |
| CVE-2009-0268 | sun 'pseudo-terminal'竞争条件错误漏洞 | |
| CVE-2009-0269 | Linux Kernel readlink本地权限提升漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2009-0265
No comments yet