9.4 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.103 Low
EPSS
Percentile
94.9%
Neel Mehta discovered that incorrectly formatted ClientHello handshake
messages could cause OpenSSL to parse past the end of the message.
This could allow a remote attacker to cause a crash and denial of
service by triggering invalid memory accesses.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 10.10 | noarch | libssl0.9.8 | < 0.9.8o-1ubuntu4.4 | UNKNOWN |
Ubuntu | 10.10 | noarch | libcrypto0.9.8-udeb | < 0.9.8o-1ubuntu4.4 | UNKNOWN |
Ubuntu | 10.10 | noarch | libssl-dev | < 0.9.8o-1ubuntu4.4 | UNKNOWN |
Ubuntu | 10.10 | noarch | libssl0.9.8-dbg | < 0.9.8o-1ubuntu4.4 | UNKNOWN |
Ubuntu | 10.10 | noarch | libssl0.9.8-udeb | < 0.9.8o-1ubuntu4.4 | UNKNOWN |
Ubuntu | 10.10 | noarch | openssl | < 0.9.8o-1ubuntu4.4 | UNKNOWN |
Ubuntu | 10.04 | noarch | libssl0.9.8 | < 0.9.8k-7ubuntu8.6 | UNKNOWN |
Ubuntu | 10.04 | noarch | libcrypto0.9.8-udeb | < 0.9.8k-7ubuntu8.6 | UNKNOWN |
Ubuntu | 10.04 | noarch | libssl-dev | < 0.9.8k-7ubuntu8.6 | UNKNOWN |
Ubuntu | 10.04 | noarch | libssl0.9.8-dbg | < 0.9.8k-7ubuntu8.6 | UNKNOWN |