CVE-2009-1416

GnuTLS 2.5.0-2.6.5 - Invalid DSA Key Generation via RSA Key Storage

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-1416. PoCs published by Miroslav Kratochvil.

AI-analyzed exploit summary: This PoC demonstrates CVE-2009-1416 by generating a DSA key and checking if the 'q' parameter is weak (equal to 0x010001). If so, it indicates a vulnerable GnuTLS version.

Description

lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates RSA keys stored in DSA structures, instead of the intended DSA keys, which might allow remote attackers to spoof signatures on certificates or have unspecified other impact by leveraging an invalid DSA key.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Miroslav Kratochvil · c · remote · linux
https://www.exploit-db.com/exploits/32965


Classification: Working PoC 100%
Attack Type: Other
Complexity: Trivial
Reliability: Reliable
Target: GnuTLS versions prior to 2.6.6
No auth needed
Prerequisites: GnuTLS library linked during compilation
devstral-2 · analyzed Feb 16, 2026

References (9)

Core References
Vendor Advisory mailing-list x_refsource_mlist
http://lists.gnu.org/archive/html/help-gnutls/2009-04/msg00018.html
Exploit, Patch mailing-list x_refsource_mlist
http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3516
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1022158
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/1218
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/34783
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200905-04.xml
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/34842
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/35211
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2009:116

Scores

EPSS 0.0390
EPSS Percentile 88.9%

Details

CWE: CWE-310
Status: published
Products (7)
gnu/gnutls 2.5.0
gnu/gnutls 2.6.0
gnu/gnutls 2.6.1
gnu/gnutls 2.6.2
gnu/gnutls 2.6.3
gnu/gnutls 2.6.4
gnu/gnutls 2.6.5
Published Apr 30, 2009
Tracked Since Feb 18, 2026