CVE-2009-4565

CVE-2009-4565 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.

Learn more about our Cis Benchmark Audit For Server Software.