VulnerableCode Vulnerability Details

System	Score	Found at
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html
rhas	Important	https://access.redhat.com/errata/RHSA-2009:0004
epss	0.00748	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.00748	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.00748	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.00748	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.00748	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.00748	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.00748	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.00748	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.00748	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.00748	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.00748	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.00748	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.01066	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.02953	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.09261	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.09261	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.09261	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
epss	0.09261	https://api.first.org/data/v1/epss?cve=CVE-2008-5077
rhbs	medium	https://bugzilla.redhat.com/show_bug.cgi?id=476671
cvssv2	5.8	https://nvd.nist.gov/vuln/detail/CVE-2008-5077

Reference id	Reference type	URL
		http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
		http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html
		http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html
		http://marc.info/?l=bugtraq&m=123859864430555&w=2
		http://marc.info/?l=bugtraq&m=124277349419254&w=2
		http://marc.info/?l=bugtraq&m=127678688104458&w=2
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5077.json
		https://api.first.org/data/v1/epss?cve=CVE-2008-5077
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077
		http://secunia.com/advisories/33338
		http://secunia.com/advisories/33394
		http://secunia.com/advisories/33436
		http://secunia.com/advisories/33557
		http://secunia.com/advisories/33673
		http://secunia.com/advisories/33765
		http://secunia.com/advisories/34211
		http://secunia.com/advisories/35074
		http://secunia.com/advisories/35108
		http://secunia.com/advisories/39005
		http://security.gentoo.org/glsa/glsa-200902-02.xml
		http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.544796
		https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6380
		https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9155
		http://sunsolve.sun.com/search/document.do?assetkey=1-66-250826-1
		http://support.apple.com/kb/HT3549
		http://support.avaya.com/elmodocs2/security/ASA-2009-038.htm
		http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=837653
		https://usn.ubuntu.com/704-1/
		https://www.openssl.org/news/secadv/20090107.txt
		http://voodoo-circle.sourceforge.net/sa/sa-20090123-01.html
		http://www.ocert.org/advisories/ocert-2008-016.html
		http://www.openssl.org/news/secadv_20090107.txt
		http://www.redhat.com/support/errata/RHSA-2009-0004.html
		http://www.securityfocus.com/archive/1/499827/100/0/threaded
		http://www.securityfocus.com/archive/1/502322/100/0/threaded
		http://www.securityfocus.com/bid/33150
		http://www.securitytracker.com/id?1021523
		http://www.us-cert.gov/cas/techalerts/TA09-133A.html
		http://www.vmware.com/security/advisories/VMSA-2009-0004.html
		http://www.vupen.com/english/advisories/2009/0040
		http://www.vupen.com/english/advisories/2009/0289
		http://www.vupen.com/english/advisories/2009/0362
		http://www.vupen.com/english/advisories/2009/0558
		http://www.vupen.com/english/advisories/2009/0904
		http://www.vupen.com/english/advisories/2009/0913
		http://www.vupen.com/english/advisories/2009/1297
		http://www.vupen.com/english/advisories/2009/1338
476671		https://bugzilla.redhat.com/show_bug.cgi?id=476671
cpe:2.3:a:openssl:openssl::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl::::::::
cpe:2.3:a:openssl:openssl:0.9.1c:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.1c:::::::*
cpe:2.3:a:openssl:openssl:0.9.2b:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.2b:::::::*
cpe:2.3:a:openssl:openssl:0.9.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.3:::::::*
cpe:2.3:a:openssl:openssl:0.9.3a:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.3a:::::::*
cpe:2.3:a:openssl:openssl:0.9.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.4:::::::*
cpe:2.3:a:openssl:openssl:0.9.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5:::::::*
cpe:2.3:a:openssl:openssl:0.9.5a:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5a:::::::*
cpe:2.3:a:openssl:openssl:0.9.5a:beta1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5a:beta1::::::
cpe:2.3:a:openssl:openssl:0.9.5a:beta2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5a:beta2::::::
cpe:2.3:a:openssl:openssl:0.9.5:beta1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5:beta1::::::
cpe:2.3:a:openssl:openssl:0.9.5:beta2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5:beta2::::::
cpe:2.3:a:openssl:openssl:0.9.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:::::::*
cpe:2.3:a:openssl:openssl:0.9.6a:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:::::::*
cpe:2.3:a:openssl:openssl:0.9.6a:beta1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:beta1::::::
cpe:2.3:a:openssl:openssl:0.9.6a:beta2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:beta2::::::
cpe:2.3:a:openssl:openssl:0.9.6a:beta3::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:beta3::::::
cpe:2.3:a:openssl:openssl:0.9.6b:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6b:::::::*
cpe:2.3:a:openssl:openssl:0.9.6:beta1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:beta1::::::
cpe:2.3:a:openssl:openssl:0.9.6:beta2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:beta2::::::
cpe:2.3:a:openssl:openssl:0.9.6:beta3::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:beta3::::::
cpe:2.3:a:openssl:openssl:0.9.6c:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6c:::::::*
cpe:2.3:a:openssl:openssl:0.9.6d:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6d:::::::*
cpe:2.3:a:openssl:openssl:0.9.6e:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6e:::::::*
cpe:2.3:a:openssl:openssl:0.9.6f:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6f:::::::*
cpe:2.3:a:openssl:openssl:0.9.6g:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6g:::::::*
cpe:2.3:a:openssl:openssl:0.9.6h:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6h:::::::*
cpe:2.3:a:openssl:openssl:0.9.6i:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6i:::::::*
cpe:2.3:a:openssl:openssl:0.9.6j:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6j:::::::*
cpe:2.3:a:openssl:openssl:0.9.6k:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6k:::::::*
cpe:2.3:a:openssl:openssl:0.9.6l:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6l:::::::*
cpe:2.3:a:openssl:openssl:0.9.6m:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6m:::::::*
cpe:2.3:a:openssl:openssl:0.9.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:::::::*
cpe:2.3:a:openssl:openssl:0.9.7a:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7a:::::::*
cpe:2.3:a:openssl:openssl:0.9.7b:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7b:::::::*
cpe:2.3:a:openssl:openssl:0.9.7:beta1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta1::::::
cpe:2.3:a:openssl:openssl:0.9.7:beta2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta2::::::
cpe:2.3:a:openssl:openssl:0.9.7:beta3::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta3::::::
cpe:2.3:a:openssl:openssl:0.9.7:beta4::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta4::::::
cpe:2.3:a:openssl:openssl:0.9.7:beta5::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta5::::::
cpe:2.3:a:openssl:openssl:0.9.7:beta6::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta6::::::
cpe:2.3:a:openssl:openssl:0.9.7c:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7c:::::::*
cpe:2.3:a:openssl:openssl:0.9.7d:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7d:::::::*
cpe:2.3:a:openssl:openssl:0.9.7e:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7e:::::::*
cpe:2.3:a:openssl:openssl:0.9.7f:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7f:::::::*
cpe:2.3:a:openssl:openssl:0.9.7g:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7g:::::::*
cpe:2.3:a:openssl:openssl:0.9.7h:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7h:::::::*
cpe:2.3:a:openssl:openssl:0.9.7i:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7i:::::::*
cpe:2.3:a:openssl:openssl:0.9.7j:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7j:::::::*
cpe:2.3:a:openssl:openssl:0.9.7k:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7k:::::::*
cpe:2.3:a:openssl:openssl:0.9.7l:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7l:::::::*
cpe:2.3:a:openssl:openssl:0.9.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8:::::::*
cpe:2.3:a:openssl:openssl:0.9.8a:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8a:::::::*
cpe:2.3:a:openssl:openssl:0.9.8b:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8b:::::::*
cpe:2.3:a:openssl:openssl:0.9.8c:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8c:::::::*
cpe:2.3:a:openssl:openssl:0.9.8d:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8d:::::::*
cpe:2.3:a:openssl:openssl:0.9.8e:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8e:::::::*
cpe:2.3:a:openssl:openssl:0.9.8f:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8f:::::::*
cpe:2.3:a:openssl:openssl:0.9.8g:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8g:::::::*
CVE-2008-5077		https://nvd.nist.gov/vuln/detail/CVE-2008-5077
GLSA-200902-02		https://security.gentoo.org/glsa/200902-02
GLSA-200904-05		https://security.gentoo.org/glsa/200904-05
RHSA-2009:0004		https://access.redhat.com/errata/RHSA-2009:0004

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2008-5077

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vulnerability ID	VCID-52hz-t7e5-aaaj
Aliases	CVE-2008-5077 VC-OPENSSL-20090107-CVE-2008-5077
Summary	The Google Security Team discovered several functions inside OpenSSL incorrectly checked the result after calling the EVP_VerifyFinal function, allowing a malformed signature to be treated as a good signature rather than as an error. This issue affected the signature checks on DSA and ECDSA keys used with SSL/TLS. One way to exploit this flaw would be for a remote attacker who is in control of a malicious server or who can use a 'man in the middle' attack to present a malformed SSL/TLS signature from a certificate chain to a vulnerable client, bypassing validation.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Reference id	Reference type	URL
		http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
		http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html
		http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html
		http://marc.info/?l=bugtraq&m=123859864430555&w=2
		http://marc.info/?l=bugtraq&m=124277349419254&w=2
		http://marc.info/?l=bugtraq&m=127678688104458&w=2
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5077.json
		https://api.first.org/data/v1/epss?cve=CVE-2008-5077
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077
		http://secunia.com/advisories/33338
		http://secunia.com/advisories/33394
		http://secunia.com/advisories/33436
		http://secunia.com/advisories/33557
		http://secunia.com/advisories/33673
		http://secunia.com/advisories/33765
		http://secunia.com/advisories/34211
		http://secunia.com/advisories/35074
		http://secunia.com/advisories/35108
		http://secunia.com/advisories/39005
		http://security.gentoo.org/glsa/glsa-200902-02.xml
		http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.544796
		https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6380
		https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9155
		http://sunsolve.sun.com/search/document.do?assetkey=1-66-250826-1
		http://support.apple.com/kb/HT3549
		http://support.avaya.com/elmodocs2/security/ASA-2009-038.htm
		http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=837653
		https://usn.ubuntu.com/704-1/
		https://www.openssl.org/news/secadv/20090107.txt
		http://voodoo-circle.sourceforge.net/sa/sa-20090123-01.html
		http://www.ocert.org/advisories/ocert-2008-016.html
		http://www.openssl.org/news/secadv_20090107.txt
		http://www.redhat.com/support/errata/RHSA-2009-0004.html
		http://www.securityfocus.com/archive/1/499827/100/0/threaded
		http://www.securityfocus.com/archive/1/502322/100/0/threaded
		http://www.securityfocus.com/bid/33150
		http://www.securitytracker.com/id?1021523
		http://www.us-cert.gov/cas/techalerts/TA09-133A.html
		http://www.vmware.com/security/advisories/VMSA-2009-0004.html
		http://www.vupen.com/english/advisories/2009/0040
		http://www.vupen.com/english/advisories/2009/0289
		http://www.vupen.com/english/advisories/2009/0362
		http://www.vupen.com/english/advisories/2009/0558
		http://www.vupen.com/english/advisories/2009/0904
		http://www.vupen.com/english/advisories/2009/0913
		http://www.vupen.com/english/advisories/2009/1297
		http://www.vupen.com/english/advisories/2009/1338
476671		https://bugzilla.redhat.com/show_bug.cgi?id=476671
cpe:2.3:a:openssl:openssl::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl::::::::
cpe:2.3:a:openssl:openssl:0.9.1c:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.1c:::::::*
cpe:2.3:a:openssl:openssl:0.9.2b:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.2b:::::::*
cpe:2.3:a:openssl:openssl:0.9.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.3:::::::*
cpe:2.3:a:openssl:openssl:0.9.3a:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.3a:::::::*
cpe:2.3:a:openssl:openssl:0.9.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.4:::::::*
cpe:2.3:a:openssl:openssl:0.9.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5:::::::*
cpe:2.3:a:openssl:openssl:0.9.5a:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5a:::::::*
cpe:2.3:a:openssl:openssl:0.9.5a:beta1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5a:beta1::::::
cpe:2.3:a:openssl:openssl:0.9.5a:beta2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5a:beta2::::::
cpe:2.3:a:openssl:openssl:0.9.5:beta1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5:beta1::::::
cpe:2.3:a:openssl:openssl:0.9.5:beta2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5:beta2::::::
cpe:2.3:a:openssl:openssl:0.9.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:::::::*
cpe:2.3:a:openssl:openssl:0.9.6a:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:::::::*
cpe:2.3:a:openssl:openssl:0.9.6a:beta1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:beta1::::::
cpe:2.3:a:openssl:openssl:0.9.6a:beta2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:beta2::::::
cpe:2.3:a:openssl:openssl:0.9.6a:beta3::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:beta3::::::
cpe:2.3:a:openssl:openssl:0.9.6b:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6b:::::::*
cpe:2.3:a:openssl:openssl:0.9.6:beta1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:beta1::::::
cpe:2.3:a:openssl:openssl:0.9.6:beta2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:beta2::::::
cpe:2.3:a:openssl:openssl:0.9.6:beta3::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:beta3::::::
cpe:2.3:a:openssl:openssl:0.9.6c:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6c:::::::*
cpe:2.3:a:openssl:openssl:0.9.6d:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6d:::::::*
cpe:2.3:a:openssl:openssl:0.9.6e:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6e:::::::*
cpe:2.3:a:openssl:openssl:0.9.6f:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6f:::::::*
cpe:2.3:a:openssl:openssl:0.9.6g:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6g:::::::*
cpe:2.3:a:openssl:openssl:0.9.6h:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6h:::::::*
cpe:2.3:a:openssl:openssl:0.9.6i:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6i:::::::*
cpe:2.3:a:openssl:openssl:0.9.6j:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6j:::::::*
cpe:2.3:a:openssl:openssl:0.9.6k:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6k:::::::*
cpe:2.3:a:openssl:openssl:0.9.6l:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6l:::::::*
cpe:2.3:a:openssl:openssl:0.9.6m:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6m:::::::*
cpe:2.3:a:openssl:openssl:0.9.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:::::::*
cpe:2.3:a:openssl:openssl:0.9.7a:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7a:::::::*
cpe:2.3:a:openssl:openssl:0.9.7b:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7b:::::::*
cpe:2.3:a:openssl:openssl:0.9.7:beta1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta1::::::
cpe:2.3:a:openssl:openssl:0.9.7:beta2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta2::::::
cpe:2.3:a:openssl:openssl:0.9.7:beta3::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta3::::::
cpe:2.3:a:openssl:openssl:0.9.7:beta4::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta4::::::
cpe:2.3:a:openssl:openssl:0.9.7:beta5::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta5::::::
cpe:2.3:a:openssl:openssl:0.9.7:beta6::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta6::::::
cpe:2.3:a:openssl:openssl:0.9.7c:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7c:::::::*
cpe:2.3:a:openssl:openssl:0.9.7d:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7d:::::::*
cpe:2.3:a:openssl:openssl:0.9.7e:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7e:::::::*
cpe:2.3:a:openssl:openssl:0.9.7f:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7f:::::::*
cpe:2.3:a:openssl:openssl:0.9.7g:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7g:::::::*
cpe:2.3:a:openssl:openssl:0.9.7h:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7h:::::::*
cpe:2.3:a:openssl:openssl:0.9.7i:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7i:::::::*
cpe:2.3:a:openssl:openssl:0.9.7j:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7j:::::::*
cpe:2.3:a:openssl:openssl:0.9.7k:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7k:::::::*
cpe:2.3:a:openssl:openssl:0.9.7l:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7l:::::::*
cpe:2.3:a:openssl:openssl:0.9.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8:::::::*
cpe:2.3:a:openssl:openssl:0.9.8a:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8a:::::::*
cpe:2.3:a:openssl:openssl:0.9.8b:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8b:::::::*
cpe:2.3:a:openssl:openssl:0.9.8c:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8c:::::::*
cpe:2.3:a:openssl:openssl:0.9.8d:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8d:::::::*
cpe:2.3:a:openssl:openssl:0.9.8e:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8e:::::::*
cpe:2.3:a:openssl:openssl:0.9.8f:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8f:::::::*
cpe:2.3:a:openssl:openssl:0.9.8g:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8g:::::::*
CVE-2008-5077		https://nvd.nist.gov/vuln/detail/CVE-2008-5077
GLSA-200902-02		https://security.gentoo.org/glsa/200902-02
GLSA-200904-05		https://security.gentoo.org/glsa/200904-05
RHSA-2009:0004		https://access.redhat.com/errata/RHSA-2009:0004

Percentile	0.81357
EPSS Score	0.00748
Published At	Nov. 1, 2024, midnight