Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2009-4355HistoryJan 14, 2010 - 7:30 p.m.
CVE-2009-4355
2010-01-1419:30:00
Debian Security Bug Tracker
security-tracker.debian.org
13
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.204 Low
EPSS
Percentile
96.3%
Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | openssl | <ย 0.9.8k-8 | openssl_0.9.8k-8_all.deb |
| Debian | 11 | all | openssl | <ย 0.9.8k-8 | openssl_0.9.8k-8_all.deb |
| Debian | 10 | all | openssl | <ย 0.9.8k-8 | openssl_0.9.8k-8_all.deb |
| Debian | 999 | all | openssl | <ย 0.9.8k-8 | openssl_0.9.8k-8_all.deb |
| Debian | 13 | all | openssl | <ย 0.9.8k-8 | openssl_0.9.8k-8_all.deb |
Related
nessus
nessus
Mandriva Linux Security Advisory : openssl (MDVSA-2010:022)
2010-01-21 00:00:00
OpenSSL < 0.9.8m Multiple Vulnerabilities
2010-03-11 00:00:00
Debian DSA-1970-1 : openssl - denial of service
2010-02-24 00:00:00
openvas
openvas
Mandriva Update for openssl MDVSA-2010:022 (openssl)
2010-01-22 00:00:00
Mandriva Update for openssl MDVSA-2010:022 (openssl)
2010-01-22 00:00:00
Ubuntu: Security Advisory (USN-884-1)
2010-01-19 00:00:00
f5
f5
SOL15405 - OpenSSL 0.9.8l vulnerability CVE-2009-4355
2014-07-10 00:00:00
K15405 : OpenSSL 0.9.8l vulnerability CVE-2009-4355
2014-07-10 00:00:00
prion
prion
Design/Logic Flaw
2010-01-14 19:30:00
Memory corruption
2008-07-10 17:41:00
cve
cve
CVE-2009-4355
2010-01-14 19:30:00
CVE-2008-1678
2008-07-10 17:41:00
ubuntucve
ubuntucve
CVE-2009-4355
2010-01-13 00:00:00
CVE-2008-1678
2008-07-10 00:00:00
osv
osv
openssl - denial of service
2010-01-13 00:00:00
securityvulns
securityvulns
OpenSSL memory leak
2010-01-17 00:00:00
[USN-884-1] OpenSSL vulnerability
2010-01-17 00:00:00
Apache multiple DoS conditions
2008-07-12 00:00:00
debian
debian
[SECURITY] [DSA-1970-1] New openssl packages fix denial of service
2010-01-13 18:47:58
[SECURITY] [DSA-1970-1] New openssl packages fix denial of service
2010-01-13 18:47:58
openssl
openssl
Vulnerability in OpenSSL CVE-2009-4355
2010-01-13 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:47:06
Denial Of Service (DoS)
2020-04-10 00:33:34
ubuntu
ubuntu
OpenSSL vulnerability
2010-01-14 00:00:00
Apache vulnerabilities
2009-03-10 00:00:00
debiancve
debiancve
CVE-2008-1678
2008-07-10 17:41:00
seebug
seebug
OpenSSL 'zlib'ๅ็ผฉๅ
ๅญๆณๆผ่ฟ็จๆ็ปๆๅกๆผๆด
2008-10-16 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl1.1 version 0.9.8m-alt1
2010-02-26 00:00:00
Security fix for the ALT Linux 9 package openssl10 version 0.9.8m-alt1
2010-02-26 00:00:00
Security fix for the ALT Linux 8 package openssl10 version 0.9.8m-alt1
2010-02-26 00:00:00
oraclelinux
oraclelinux
openssl security update
2010-01-20 00:00:00
httpd security update
2009-05-27 00:00:00
openssl-fips security update
2015-04-02 00:00:00
redhat
redhat
(RHSA-2010:0054) Moderate: openssl security update
2010-01-19 00:00:00
(RHSA-2009:1075) Moderate: httpd security update
2009-05-27 00:00:00
(RHSA-2010:0095) Important: rhev-hypervisor security and bug fix update
2010-02-09 00:00:00
centos
centos
openssl security update
2010-01-20 23:10:16
httpd, mod_ssl security update
2009-05-28 17:08:08
fedora
fedora
[SECURITY] Fedora 9 Update: httpd-2.2.9-1.fc9
2008-08-07 23:48:09
[SECURITY] Fedora 13 Update: openssl-1.0.0-1.fc13
2010-04-09 03:42:47
[SECURITY] Fedora 12 Update: openssl-1.0.0a-1.fc12
2010-06-16 17:44:27
gentoo
gentoo
Apache: Denial of service
2008-07-09 00:00:00
OpenSSL: Multiple vulnerabilities
2011-10-09 00:00:00
suse
suse
remote code execution in acroread
2010-01-26 16:40:23
vmware
vmware
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00
lenovo
lenovo
Intelยฎ PROSet/Wireless WiFi Software Vulnerabilities - Lenovo Support US
2018-11-13 17:10:51
Intelยฎ PROSet/Wireless WiFi Software Vulnerabilities - US
2018-11-13 17:10:51
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.204 Low
EPSS
Percentile
96.3%
Related for DEBIANCVE:CVE-2009-4355