Ctrl + K
/ news / CVE
CVEPublished 2009-11-09Modified 2026-05-271 article on news7 live referencesNVD data

CVE-2009-3555Apache · Http_server

Vulnerability data via NVD (ingested)

CVSS v3.1
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS percentile
84
Exploit Prediction Scoring System · top 16% of all CVEs
Weaknesses (CWE)
CWE-295Improper Certificate ValidationCWE-300Channel Accessible by Non-Endpoint
Description

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.

Timeline
Published 2009-11-09
Modified 2026-05-27

External references

NVDMITREExploit-DBGitHub PoCSploitustrickest/cveVulnCheck

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

Shodan · vuln tag331,772 hosts
vuln:CVE-2009-3555
Hosts Shodan has explicitly fingerprinted as vulnerable.
Shodan · product
product:"Apache Http Server"
All exposed Apache Http Server instances — cross-reference with the CVE's affected-version range.
Shodan · banner/body mention
http.html:"Http Server"
HTTP body or banner mentions "Http Server" — catches deploys Shodan didn't identify as a product.
More intel sources (5)
Shodan report
vuln:CVE-2009-3555
Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2009-3555
Censys host search filtered to this CVE id.
grep.app
CVE-2009-3555
Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2009-3555
GitHub code search for direct mentions.
Google dork
"CVE-2009-3555" exploit -site:nvd.nist.gov
Write-ups and news, NVD excluded.

Known PoCs on GitHub (4)

CVE-2009-35554 repos
MateusVerass/nGixshellPython
nginx CVE scanner + RCE exploit framework (CVE-2026-42945 + 16 others)
★ 14·updated 3w ago
euxcet/thulearn2018Python
Tools for Web Learning of Tsinghua University.
★ 10·updated 1y ago
sunlei/awesome-starsPython
My GitHub stars.
★ 8·updated 2w ago
chnzzh/OpenSSL-CVE-libunknown
★ 7·updated 1d ago
Articles on news mentioning CVE-2009-3555