Llnl : Security Vulnerabilities, CVEs, Published In 2009 (Bypass)
plugins/crypto/openssl/crypto_openssl.c in Simple Linux Utility for Resource Management (aka SLURM or slurm-llnl) does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
Max CVSS
5.0
EPSS Score
0.17%
Published
2009-01-15
Updated
2009-01-16
1 vulnerabilities found