ClientHello sigalgs DoS. If a client connects to an OpenSSL 1.0.2 server and renegotiates with an invalid signature algorithms extension a NULL pointer dereference will occur. This can be exploited in a DoS attack against the server.

cve 1

debiancve 1

veracode 1

checkpoint_advisories 1

ubuntucve 1

prion 1

threatpost 1

thn 1

openvas 4

f5 2

nessus 8

archlinux 2

fortinet 1

kaspersky 1

ibm 4

cisco 1

securityvulns 2

gentoo 1

ics 2

oracle 4

cve

CVE-2015-0291

2015-03-19 22:59:00

debiancve

CVE-2015-0291

2015-03-19 22:59:00

veracode

Denial Of Service (DoS) Through Null Pointer Dereference

2017-02-10 05:10:42

checkpoint_advisories

OpenSSL ClientHello signature_algorithms Extension Denial of Service (CVE-2015-0291)

2015-04-14 00:00:00

ubuntucve

CVE-2015-0291

2015-03-19 00:00:00

prion

Null pointer dereference

2015-03-19 22:59:00

threatpost

OpenSSL Patches High Severity DOS Vulnerability

2015-03-19 10:00:59

thn

OpenSSL to Patch Undisclosed High Severity Vulnerability this Thursday

2015-07-06 22:12:00

openvas

OpenSSL Multiple Vulnerabilities (20150319 - 2) - Windows

2015-11-24 00:00:00

OpenSSL Multiple Vulnerabilities (20150319 - 2) - Linux

2015-11-24 00:00:00

Gentoo Security Advisory GLSA 201503-11

2015-09-29 00:00:00

SOL16300 - Multiple OpenSSL vulnerabilities CVE-2015-0207, CVE-2015-0208, CVE-2015-0285, CVE-2015-0290, CVE-2015-0291, and CVE-2015-1787

2015-03-20 00:00:00

K16300 : Multiple OpenSSL vulnerabilities CVE-2015-0207, CVE-2015-0208, CVE-2015-0285, CVE-2015-0290, CVE-2015-0291, and CVE-2015-1787

2015-04-07 00:00:00

nessus

OpenSSL < 1.0.2a Multiple Vulnerabilities

2015-03-19 00:00:00

stunnel < 5.12 OpenSSL Multiple Vulnerabilities

2015-03-25 00:00:00

OpenSSL 1.0.2 < 1.0.2a Multiple Vulnerabilities

2015-03-27 00:00:00

archlinux

lib32-openssl: multiple issues

2015-03-19 00:00:00

openssl: multiple issues

2015-03-19 00:00:00

fortinet

OpenSSL vulnerabilities - March 2015

2015-03-24 00:00:00

kaspersky

KLA10479 Multiple vulnerabilities in OpenSSL

2015-03-19 00:00:00

ibm

Security Bulletin: Vulnerabilities in SSL affect IBM DataPower Gateways (CVE-2015-0287, CVE-2015-0289, CVE-2015-0292, and CVE-2015-0293)

2021-06-08 22:18:27

Security Bulletin: Vulnerabilities in OpenSSL including ClientHello DoS affect Multiple N series Products

2021-12-15 18:04:22

Security Bulletin: Vulnerabilities in OpenSSL affect IBM SAN b-type Switches

2023-02-28 01:48:51

cisco

Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products

2015-03-20 20:20:00

securityvulns

OpenSSL multiple security vulnerabilities

2015-03-21 00:00:00

[security bulletin] HPSBMU03409 rev.1 - HP Matrix Operating Environment, Multiple Vulnerabilities

2015-09-14 00:00:00

gentoo

OpenSSL: Multiple vulnerabilities

2015-03-19 00:00:00

ics

Rockwell Automation Stratix 5900

2017-05-10 12:00:00

Siemens SCALANCE X-200RNA Switch Devices

2022-12-19 12:00:00

oracle

Oracle Critical Patch Update Advisory - October 2015

2015-10-20 00:00:00

Oracle Critical Patch Update Advisory - July 2015

2015-07-14 00:00:00

Oracle Critical Patch Update - January 2016

2016-01-19 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

8.3 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.904 High

EPSS

Percentile

98.8%

JSON

Related for OPENSSL:CVE-2015-0291