plugins/crypto/openssl/crypto_openssl.c in Simple Linux Utility for Resource Management (aka SLURM or slurm-llnl) does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published: 2009-01-15T17:00:00Z
Updated: 2024-09-16T16:42:52.728Z
Reserved: 2009-01-15T00:00:00Z
Link: CVE-2009-0128

No data.

Status : Modified
Published: 2009-01-15T17:30:00.610
Modified: 2024-11-21T00:59:07.083
Link: CVE-2009-0128

No data.