Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2010-4180HistoryDec 06, 2010 - 9:05 p.m.
CVE-2010-4180
2010-12-0621:05:00
Debian Security Bug Tracker
security-tracker.debian.org
12
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.023 Low
EPSS
Percentile
89.5%
OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | openssl | <ย 0.9.8o-4 | openssl_0.9.8o-4_all.deb |
| Debian | 11 | all | openssl | <ย 0.9.8o-4 | openssl_0.9.8o-4_all.deb |
| Debian | 10 | all | openssl | <ย 0.9.8o-4 | openssl_0.9.8o-4_all.deb |
| Debian | 999 | all | openssl | <ย 0.9.8o-4 | openssl_0.9.8o-4_all.deb |
| Debian | 13 | all | openssl | <ย 0.9.8o-4 | openssl_0.9.8o-4_all.deb |
Related
veracode
veracode
Insecure TLS Configuration
2020-04-10 00:56:26
nessus
nessus
Fedora 14 : openssl-1.0.0c-1.fc14 (2010-18765)
2010-12-12 00:00:00
SuSE9 Security Update : OpenSSL (YOU Patch Number 12701)
2011-05-04 00:00:00
Mandriva Linux Security Advisory : openssl (MDVSA-2010:248)
2010-12-08 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2010-4180
2010-12-02 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl10 version 1.0.0c-alt1
2011-02-01 00:00:00
Security fix for the ALT Linux 8 package openssl10 version 1.0.0c-alt1
2011-02-01 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 1.0.0c-alt1
2011-02-01 00:00:00
f5
f5
SOL12543 - OpenSSL vulnerability CVE-2010-4180
2011-01-26 00:00:00
K12543 : OpenSSL vulnerability CVE-2010-4180
2013-07-05 00:00:00
K12853 : OpenSSL vulnerability CVE-2008-7270
2013-09-04 00:00:00
redhat
redhat
(RHSA-2010:0979) Moderate: openssl security update
2010-12-13 00:00:00
(RHSA-2010:0978) Moderate: openssl security update
2010-12-13 00:00:00
(RHSA-2010:0977) Moderate: openssl security update
2010-12-13 00:00:00
prion
prion
Session fixation
2010-12-06 21:05:00
Session fixation
2010-12-06 22:30:00
cve
cve
CVE-2010-4180
2010-12-06 21:05:00
CVE-2008-7270
2010-12-06 22:30:00
openvas
openvas
Mandriva Update for openssl MDVSA-2010:248 (openssl)
2010-12-23 00:00:00
Mandriva Update for openssl MDVSA-2010:248 (openssl)
2010-12-23 00:00:00
CentOS Update for openssl CESA-2010:0978 centos5 i386
2011-08-09 00:00:00
ubuntucve
ubuntucve
CVE-2010-4180
2010-12-06 00:00:00
CVE-2008-7270
2010-12-06 00:00:00
oraclelinux
oraclelinux
openssl security update
2011-02-10 00:00:00
openssl security update
2010-12-13 00:00:00
openssl security update
2010-12-13 00:00:00
ubuntu
ubuntu
OpenSSL vulnerabilities
2010-12-08 00:00:00
slackware
slackware
[slackware-security] openssl
2010-12-07 07:14:58
debiancve
debiancve
CVE-2008-7270
2010-12-06 22:30:00
centos
centos
openssl security update
2010-12-14 01:19:08
openssl security update
2011-01-27 09:11:13
securityvulns
securityvulns
[USN-1029-1] OpenSSL vulnerabilities
2010-12-09 00:00:00
OpenSSL protection level downgrade
2010-12-09 00:00:00
HP Insight Control multiple security vulnerabilities
2011-04-26 00:00:00
osv
osv
openssl - protocol design flaw
2011-01-06 00:00:00
nss - protocol design flaw
2011-01-06 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: openssl-1.0.0c-1.fc14
2010-12-10 20:26:33
[SECURITY] Fedora 14 Update: openssl-1.0.0d-1.fc14
2011-02-14 20:28:21
[SECURITY] Fedora 13 Update: openssl-1.0.0c-1.fc13
2010-12-17 08:35:37
debian
debian
[SECURITY] [DSA-2141-1] New openssl packages fix protocol design flaw
2011-01-05 23:18:09
[SECURITY] [DSA-2141-1] New openssl packages fix protocol design flaw
2011-01-05 23:18:09
suse
suse
compat-openssl097g (important)
2011-07-27 16:08:25
Security update for compat-openssl097g (important)
2011-07-27 17:08:16
cert
cert
ibm
ibm
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2011-10-09 00:00:00
vmware
vmware
VMware vSphere and vCOps updates to third party libraries
2012-08-30 00:00:00
VMware vSphere and vCOps updates to third party libraries
2012-08-30 00:00:00
lenovo
lenovo
Intelยฎ PROSet/Wireless WiFi Software Vulnerabilities - US
2018-11-13 17:10:51
Intelยฎ PROSet/Wireless WiFi Software Vulnerabilities - Lenovo Support US
2018-11-13 17:10:51
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.023 Low
EPSS
Percentile
89.5%
Related for DEBIANCVE:CVE-2010-4180