CVE-2012-0867

NONECVSS 0.0

0.0

PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof connections when the host name is exactly 32 characters.

🔗 References (18)

secalert@redhathttp://lists.opensuse.org/opensuse-updates/2012-09/msg00060.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2012-0678.html
secalert@redhathttp://secunia.com/advisories/49273
secalert@redhathttp://www.debian.org/security/2012/dsa-2418
secalert@redhathttp://www.mandriva.com/security/advisories?name=MDVSA-2012:026
secalert@redhathttp://www.postgresql.org/about/news/1377/
secalert@redhathttp://www.postgresql.org/docs/8.4/static/release-8-4-11.html
secalert@redhathttp://www.postgresql.org/docs/9.0/static/release-9-0-7.html
secalert@redhathttp://www.postgresql.org/docs/9.1/static/release-9-1-3.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2012-09/msg00060.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2012-0678.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/49273
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2012/dsa-2418
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2012:026
af854a3a-2127-422b-91ae-364da2661108http://www.postgresql.org/about/news/1377/

Is Your Infrastructure Affected by CVE-2012-0867?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2012-0867

📅 Published

🔄 Last Modified

🔗 References (18)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2012-0867?