CVE-2009-3555


Severity : Medium
Published : 2009-11-09
Modified : 2015-05-13
Base Score : 5.8
Details : The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
Product/Version : Pro 4.x  
CGE 4.x  
Mobilinux 4.x  
Pro 5.0  
Mobilinux 5.0.24  
MVL 5 Atom  
CGE 5.x  
Mobilinux 5.x  
Pro 5.0.24  
MVL 5 OMAP3  
MVL 5 OMAP3530  
Pro 5.0.24  
MVL 5 OMAP3  
MVL 5 OMAP3530  
Pro 5.0  
CGE 5.x  
Mobilinux 5.x  
Mobilinux 5.0.24  
MVL 5 Atom  
Carrier Grade CGE 6.0  
CGE 5.x  
Mobilinux 5.x  
Pro 5.0  
Mobilinux 5.0.24  
MVL 5 Atom  
Pro 5.0.24  
MVL 5 OMAP3  
MVL 5 OMAP3530  
 
 
 

CVE Vulnerabilities List CVE-2009

CVE-2009-0021CVE-2009-0028CVE-2009-0159CVE-2009-0163
CVE-2009-0316CVE-2009-0778CVE-2009-0791CVE-2009-0798
CVE-2009-0834CVE-2009-0835CVE-2009-0859CVE-2009-0949
CVE-2009-1192CVE-2009-1194CVE-2009-1195CVE-2009-1196
CVE-2009-1210CVE-2009-1252CVE-2009-1265CVE-2009-1267
CVE-2009-1268CVE-2009-1269CVE-2009-1297CVE-2009-1337
CVE-2009-1377CVE-2009-1378CVE-2009-1389CVE-2009-1417
CVE-2009-1574CVE-2009-1630CVE-2009-1632CVE-2009-1885
CVE-2009-1890CVE-2009-1891CVE-2009-1895CVE-2009-1961
CVE-2009-2042CVE-2009-2409CVE-2009-2412CVE-2009-2417
CVE-2009-2560CVE-2009-2562CVE-2009-2563CVE-2009-2730
CVE-2009-2847CVE-2009-2848CVE-2009-2849CVE-2009-2903
CVE-2009-2908CVE-2009-2909CVE-2009-2910CVE-2009-3001
CVE-2009-3002CVE-2009-3080CVE-2009-3095CVE-2009-3228
CVE-2009-3230CVE-2009-3238CVE-2009-3245CVE-2009-3490
CVE-2009-3547CVE-2009-3550CVE-2009-3555CVE-2009-3557
CVE-2009-3558CVE-2009-3559CVE-2009-3560CVE-2009-3563
CVE-2009-3612CVE-2009-3620CVE-2009-3621CVE-2009-3639
CVE-2009-3720CVE-2009-3726CVE-2009-3736CVE-2009-3767
CVE-2009-3889CVE-2009-4005CVE-2009-4017CVE-2009-4020
CVE-2009-4021CVE-2009-4022CVE-2009-4029CVE-2009-4131
CVE-2009-4134CVE-2009-4135CVE-2009-4141CVE-2009-4272
CVE-2009-4307CVE-2009-4308CVE-2009-4355CVE-2009-4377
CVE-2009-4410CVE-2009-4537CVE-2009-4880CVE-2009-4881
CVE-2009-4895CVE-2009-5029CVE-2009-5064