Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2008-1672
HistoryMay 29, 2008 - 4:32 p.m.

CVE-2008-1672

2008-05-2916:32:00
Debian Security Bug Tracker
security-tracker.debian.org
7

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.047 Low

EPSS

Percentile

92.5%

OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of service (crash) via a TLS handshake that omits the Server Key Exchange message and uses “particular cipher suites,” which triggers a NULL pointer dereference.

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.047 Low

EPSS

Percentile

92.5%

Related for DEBIANCVE:CVE-2008-1672