Vulnerability details: VCID-nqt4-k72v-mqfn
Vulnerability ID VCID-nqt4-k72v-mqfn
Aliases CVE-2009-1386
Summary openssl: DTLS NULL deref crash on early ChangeCipherSpec request
Status Published
Exploitability 2.0
Weighted Severity 0.4
Risk 0.8
Affected and Fixed Packages Package Details
Weaknesses (1)
Data source Exploit-DB
Date added June 3, 2009
Description OpenSSL < 0.9.8i - DTLS ChangeCipherSpec Remote Denial of Service
Ransomware campaign use Known
Source publication date June 4, 2009
Exploit type dos
Platform multiple
Data source Metasploit
Description This module performs a Denial of Service Attack against Datagram TLS in OpenSSL version 0.9.8i and earlier. OpenSSL crashes under these versions when it receives a ChangeCipherSpec datagram before a ClientHello.
Note
Stability:
  - crash-service-down
SideEffects: []
Reliability: []
Ransomware campaign use Unknown
Source publication date April 26, 2000
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/dos/ssl/dtls_changecipherspec.rb
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.97683
EPSS Score 0.47628
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T14:58:16.370459+00:00 RedHat Importer Import https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1386.json 38.0.0