openssl: assertion failure in SSLv2 servers

🗓️ 13 Apr 2015 11:54:05Reported by RedHatType

redhat

redhat🔗 access.redhat.com👁 3 Views

OpenSSL SSLv2 handshake failure may crash servers with export cipher suites enabled.

Reporter	Title	Published	Views	Family All 352
ALT Linux	Security fix for the ALT Linux 7 package openssl10 version 1.0.1k-alt2	19 Mar 201500:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 9 package openssl10 version 1.0.1k-alt2	19 Mar 201500:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 9 package openssl1.1 version 1.0.1k-alt2	19 Mar 201500:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 8 package openssl10 version 1.0.1k-alt2	19 Mar 201500:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 7 package openssl10 version 1.0.1k-alt1.M70P.1	20 Mar 201500:00	–	altlinux
IBM Security Bulletins	Security Bulletin: Vulnerabilities in OpenSSL affect Informix Genero (CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292 & CVE-2015-0293)	3 Jun 202122:08	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in OpenSSL affect PowerKVM (Multiple CVEs)	18 Jun 201801:27	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in OpenSSL affect IBM MessageSight (CVE-2015-0209, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292, CVE-2015-0293)	25 Jun 201805:54	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in OpenSSL affect Network Intrusion Prevention System (CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292, CVE-2015-0293)	23 Feb 202219:48	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in OpenSSL affect IBM Storwize V7000 Unified (CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292, CVE-2015-0293)	18 Jun 201800:09	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
Red Hat Enterprise Linux	5	i386	openssl	0:0.9.8e-33.el5_11	openssl-0:0.9.8e-33.el5_11.i386.rpm
Red Hat Enterprise Linux	5	ia64	openssl	0:0.9.8e-33.el5_11	openssl-0:0.9.8e-33.el5_11.ia64.rpm
Red Hat Enterprise Linux	5	ppc	openssl	0:0.9.8e-33.el5_11	openssl-0:0.9.8e-33.el5_11.ppc.rpm
Red Hat Enterprise Linux	5	ppc64	openssl	0:0.9.8e-33.el5_11	openssl-0:0.9.8e-33.el5_11.ppc64.rpm
Red Hat Enterprise Linux	5	s390	openssl	0:0.9.8e-33.el5_11	openssl-0:0.9.8e-33.el5_11.s390.rpm
Red Hat Enterprise Linux	5	s390x	openssl	0:0.9.8e-33.el5_11	openssl-0:0.9.8e-33.el5_11.s390x.rpm
Red Hat Enterprise Linux	5	x86_64	openssl	0:0.9.8e-33.el5_11	openssl-0:0.9.8e-33.el5_11.x86_64.rpm
Red Hat Enterprise Linux	5	any	openssl	0:0.9.8e-33.el5_11.i686	openssl-0:0.9.8e-33.el5_11.i686.noarch.rpm
Red Hat Enterprise Linux	5	i386	openssl-debuginfo	0:0.9.8e-33.el5_11	openssl-debuginfo-0:0.9.8e-33.el5_11.i386.rpm
Red Hat Enterprise Linux	5	ia64	openssl-debuginfo	0:0.9.8e-33.el5_11	openssl-debuginfo-0:0.9.8e-33.el5_11.ia64.rpm

Source	Link
access	www.access.redhat.com/articles/1384453
access	www.access.redhat.com/security/cve/CVE-2015-0293
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
nvd	www.nvd.nist.gov/vuln/detail/CVE-2015-0293
openssl	www.openssl.org/news/secadv_20150319.txt
cve	www.cve.org/CVERecord

27 Jun 2026 09:44Current

6.7Medium risk

Vulners AI Score6.7

CVSS 25

EPSS0.21389

openssl vulnerability sslv2 protocol export cipher suites denial of service handshake failure