logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2011-4108

Description

The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack.


Affected Package


OS OS Version Package Name Package Version
Debian 12 openssl 3.0.7-2
Debian 11 openssl 1.1.1n-0+deb11u3
Debian 10 openssl 1.1.1n-0+deb10u3
Debian 999 openssl 3.0.7-2

Related