Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-1386

CWE-476NULL Pointer Dereference11 documents9 sources
Severity
5.0MEDIUM
EPSS
47.6%
top 2.30%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
Openssl OpensslCanonical Ubuntu LinuxRedhat Openssl
Timeline
PublishedJun 4
Latest updateMay 3

Description

ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

NVDopenssl/openssl< 0.9.8i
Debianopenssl< 0.9.8k-1+3
NVDredhat/openssl0.9.6-15, 0.9.6b-3, 0.9.7a-2+2

Also affects: Ubuntu Linux 6.06, 8.04, 8.10, 9.04

Patches

Patch: cvs.openssl.orgPatch: cvs.openssl.org

🔴Vulnerability Details

3
GHSA
GHSA-rqjx-gxhp-5x5r: ssl/s3_pkt2022-05-03
CVEList
CVE-2009-1386: ssl/s3_pkt2009-06-04
OSV
CVE-2009-1386: ssl/s3_pkt2009-06-04

💥Exploits & PoCs

1
Exploit-DB
OpenSSL < 0.9.8i - DTLS ChangeCipherSpec Remote Denial of Service2009-06-04

📋Vendor Advisories

4
Red Hat
kernel: usb: buffer overflow in auerswald_probe()2009-10-29
Ubuntu
OpenSSL vulnerabilities2009-06-25
Red Hat
openssl: DTLS NULL deref crash on early ChangeCipherSpec request2009-06-02
Debian
CVE-2009-1386: openssl - ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial ...2009

💬Community

1
Bugzilla
CVE-2009-1386 openssl: DTLS NULL deref crash on early ChangeCipherSpec request2009-06-02
CVE-2009-1386 (MEDIUM CVSS 5) | ssl/s3_pkt.c in OpenSSL before 0.9. | cvebase.io