Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-1678HistoryJul 10, 2008 - 5:41 p.m.
CVE-2008-1678
2008-07-1017:41:00
Debian Security Bug Tracker
security-tracker.debian.org
12
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.132 Low
EPSS
Percentile
95.5%
Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server mod_ssl that specify a compression algorithm.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | apache2 | <Β 2.2.8-4 | apache2_2.2.8-4_all.deb |
| Debian | 11 | all | apache2 | <Β 2.2.8-4 | apache2_2.2.8-4_all.deb |
| Debian | 10 | all | apache2 | <Β 2.2.8-4 | apache2_2.2.8-4_all.deb |
| Debian | 999 | all | apache2 | <Β 2.2.8-4 | apache2_2.2.8-4_all.deb |
| Debian | 13 | all | apache2 | <Β 2.2.8-4 | apache2_2.2.8-4_all.deb |
Related
cve
cve
CVE-2008-1678
2008-07-10 17:41:00
CVE-2009-4355
2010-01-14 19:30:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:33:34
prion
prion
Memory corruption
2008-07-10 17:41:00
Design/Logic Flaw
2010-01-14 19:30:00
ubuntucve
ubuntucve
CVE-2008-1678
2008-07-10 00:00:00
CVE-2009-4355
2010-01-13 00:00:00
seebug
seebug
OpenSSL 'zlib'εηΌ©ε
εζ³ζΌθΏη¨ζη»ζε‘ζΌζ΄
2008-10-16 00:00:00
nessus
nessus
Fedora 9 : httpd-2.2.9-1.fc9 (2008-6393)
2008-08-08 00:00:00
RHEL 5 : httpd (RHSA-2009:1075)
2009-05-28 00:00:00
CentOS 5 : httpd (CESA-2009:1075)
2010-01-06 00:00:00
securityvulns
securityvulns
Apache multiple DoS conditions
2008-07-12 00:00:00
[ MDVSA-2009:124 ] apache
2009-06-01 00:00:00
[ GLSA 200807-06 ] Apache: Denial of Service
2008-07-12 00:00:00
openvas
openvas
CentOS Update for httpd CESA-2009:1075 centos5 i386
2011-08-09 00:00:00
Oracle: Security Advisory (ELSA-2009-1075)
2015-10-08 00:00:00
Mandriva Update for openssl MDVSA-2010:022 (openssl)
2010-01-22 00:00:00
oraclelinux
oraclelinux
httpd security update
2009-05-27 00:00:00
redhat
redhat
(RHSA-2009:1075) Moderate: httpd security update
2009-05-27 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: httpd-2.2.9-1.fc9
2008-08-07 23:48:09
f5
f5
K15405 : OpenSSL 0.9.8l vulnerability CVE-2009-4355
2014-07-10 00:00:00
SOL15405 - OpenSSL 0.9.8l vulnerability CVE-2009-4355
2014-07-10 00:00:00
debiancve
debiancve
CVE-2009-4355
2010-01-14 19:30:00
centos
centos
httpd, mod_ssl security update
2009-05-28 17:08:08
gentoo
gentoo
Apache: Denial of service
2008-07-09 00:00:00
ubuntu
ubuntu
Apache vulnerabilities
2009-03-10 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl1.1 version 0.9.8m-alt1
2010-02-26 00:00:00
Security fix for the ALT Linux 6 package openssl10 version 0.9.8m-alt1
2010-02-26 00:00:00
Security fix for the ALT Linux 9 package openssl10 version 0.9.8m-alt1
2010-02-26 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.132 Low
EPSS
Percentile
95.5%
Related for DEBIANCVE:CVE-2008-1678