Vulnerability Details : CVE-2009-4034
PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based PostgreSQL servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended client-hostname restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Products affected by CVE-2009-4034
- cpe:2.3:a:postgresql:postgresql:7.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.10:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.11:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.8:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.9:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.12:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.13:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.14:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.2:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.15:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.16:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.17:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.18:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.1.16:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.0.20:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.24:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.2.12:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.2.13:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.1.12:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.1.13:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.0.21:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.23:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.25:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.19:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.20:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.1.14:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.1.15:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.0.19:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.21:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.22:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.4.26:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.1.18:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.2.14:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.0.22:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.1.17:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.8:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.4.1:*:*:*:*:*:*:*
Threat overview for CVE-2009-4034
Top countries where our scanners detected CVE-2009-4034
Top open port discovered on systems with this issue
5432
IPs affected by CVE-2009-4034 7,923
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2009-4034!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2009-4034
0.35%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 68 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-4034
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.8
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:P |
8.6
|
4.9
|
NIST |
CWE ids for CVE-2009-4034
-
Assigned by: nvd@nist.gov (Primary)
Vendor statements for CVE-2009-4034
-
Red Hat 2010-01-07This issue is only security-relevant in PostgreSQL versions 8.4 and later as previous versions did not compare the connection host name with the certificate CommonName at all. Client certificate authentication was introduced in version 8.4. Red Hat Enterprise Linux 5 and earlier provided PostgreSQL versions 8.1.x and earlier, and are thus not affected by this issue.
References for CVE-2009-4034
-
http://www.mandriva.com/security/advisories?name=MDVSA-2009:333
-
http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0012
-
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01056.html
-
http://www.postgresql.org/docs/current/static/release-8-3-9.html
Patch;Vendor Advisory
-
http://www.postgresql.org/docs/current/static/release-8-4-2.html
Patch;Vendor Advisory
-
http://marc.info/?l=bugtraq&m=134124585221119&w=2
'[security bulletin] HPSBMU02781 SSRT100617 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux' - MARC
-
http://www.postgresql.org/support/security.html
PostgreSQL: Not FoundVendor Advisory
-
http://www.postgresql.org/docs/current/static/release-7-4-27.html
Patch;Vendor Advisory
-
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01035.html
-
http://www.postgresql.org/docs/current/static/release-8-2-15.html
Patch;Vendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00007.html
[security-announce] SUSE Security Summary Report: SUSE-SR:2010:001
-
http://www.securitytracker.com/id?1023325
-
http://www.vupen.com/english/advisories/2009/3519
-
http://www.securityfocus.com/bid/37334
-
http://www.securityfocus.com/archive/1/509917/100/0/threaded
-
http://www.postgresql.org/docs/current/static/release-8-1-19.html
Patch;Vendor Advisory
-
http://www.postgresql.org/docs/current/static/release-8-0-23.html
Patch;Vendor Advisory
Jump to