OpenSSL: Multiple DoS Vulnerabilities (CVE-2013-4353, CVE-2013-6449) - Linux

OpenSSL is prone to multiple denial of service DoS vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

The vulnerability of the Gentoo Linux operating system, which allows a malicious intruder to compromise the accessibility of protected information

The vulnerability of the openssl package up to version 1.0.1f in the Gentoo Linux operating system can lead to a violation of the accessibility of protected information. This vulnerability can be exploited remotely...

OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS versions)

No description provided by source. Exploit Title: OpenSSL TLS Heartbeat Extension - Memory Disclosure - Multiple SSL/TLS versions Date: 2014-04-09 Exploit Author: Csaba Fitzl Vendor Homepage: http://www.openssl.org/ Software Link: http://www.openssl.org/source/openssl-1.0.1f.tar.gz Version: 1.0.1...

Heartbleed OpenSSL Information Leak Proof Of Concept

/ CVE-2014-0160 heartbleed OpenSSL information leak exploit ========================================================= This exploit uses OpenSSL to create an encrypted connection and trigger the heartbleed leak. The leaked information is returned within encrypted SSL packets and is then decrypted...

DEBIAN-CVE-2013-4353

The ssl3takemac function in ssl/s3both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service NULL pointer dereference and application crash via a crafted Next Protocol Negotiation record in a TLS handshake...

Null pointer dereference

The ssl3takemac function in ssl/s3both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service NULL pointer dereference and application crash via a crafted Next Protocol Negotiation record in a TLS handshake...

Security fix for the ALT Linux 8 package openssl10 version 1.0.1f-alt1

Jan. 6, 2014 Dmitry V. Levin 1.0.1f-alt1 - Updated to 1.0.1f fixes CVE-2013-4353, CVE-2013-6449, and CVE-2013-6450...

Security fix for the ALT Linux 9 package openssl1.1 version 1.0.1f-alt1

Jan. 6, 2014 Dmitry V. Levin 1.0.1f-alt1 - Updated to 1.0.1f fixes CVE-2013-4353, CVE-2013-6449, and CVE-2013-6450...

Information disclosure

The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service...