Lucene search
K

55 matches found

Ubuntu
Ubuntu
added 2021/08/26 12:53 p.m.159 views

USN-5051-3: OpenSSL vulnerability

USN-5051-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for the openssl1.0 package in Ubuntu 18.04 LTS. Original advisory details: Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1 strings. A remote attacker could use this issue to cause...

7.4CVSS6.8AI score0.50445EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/08/26 12:40 p.m.182 views

USN-5051-2: OpenSSL vulnerability

USN-5051-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1 strings. A remote attacker could use this issue to cause OpenSSL...

7.4CVSS6.8AI score0.50445EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/08/26 12:0 a.m.32 views

openSUSE 15 Security Update : openssl-1_0_0 (openSUSE-SU-2021:1189-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1189-1 advisory. - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field...

7.4CVSS7AI score0.50445EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/08/26 12:0 a.m.50 views

Ubuntu 18.04 LTS : OpenSSL vulnerability (USN-5051-3)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5051-3 advisory. USN-5051-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for the openssl1.0 package in Ubuntu 18.04 LTS. Tenable has extracted t...

7.4CVSS6.7AI score0.50445EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/08/25 12:0 a.m.12 views

OpenSSL: Read Buffer Overruns Processing ASN.1 Strings (20210824) - Windows

OpenSSL is prone to a buffer overflow vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.4CVSS8.1AI score0.50445EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/08/25 12:0 a.m.25 views

OpenSSL: Read Buffer Overruns Processing ASN.1 Strings (20210824) - Linux

OpenSSL is prone to a buffer overflow vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.4CVSS8.1AI score0.50445EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/08/25 12:0 a.m.37 views

SUSE SLES11: libopenssl0_9_8 / libopenssl0_9_8-32bit / libopenssl0_9_8-hmac / etc (SUSE-SU-2021:14791-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2021:14791-1 advisory. This update for openssl fixes the following security issue: - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer...

7.4CVSS7.1AI score0.50445EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/08/25 12:0 a.m.40 views

SUSE SLES15: libopenssl-1_0_0-devel / libopenssl10 / libopenssl1_0_0 / etc (SUSE-SU-2021:2827-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2827-1 advisory. - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious actor could exploit to...

7.4CVSS7.1AI score0.50445EPSS
Exploits0References4
Debian
Debian
added 2021/08/24 3:16 p.m.108 views

[SECURITY] [DSA 4963-1] openssl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4963-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 24, 2021 https://www.debian.org/security/faq -...

7.5CVSS1.2AI score0.87816EPSS
Exploits1
Debian
Debian
added 2021/08/24 3:16 p.m.196 views

[SECURITY] [DSA 4963-1] openssl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4963-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 24, 2021 https://www.debian.org/security/faq -...

9.8CVSS9AI score0.87816EPSS
Exploits1
Prion
Prion
added 2021/08/24 3:15 p.m.43 views

Buffer overflow

ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL 0 byte...

5.8CVSS7.8AI score0.50445EPSS
Exploits0References20Affected Software25
RedhatCVE
RedhatCVE
added 2021/08/24 3:6 p.m.64 views

CVE-2021-3712

It was found that openssl assumed ASN.1 strings to be NUL terminated. A malicious actor may be able to force an application into calling openssl function with a specially crafted, non-NUL terminated string to deliberately hit this bug, which may result in a crash of the application, causing a...

7.4CVSS1.6AI score0.50445EPSS
Exploits0References4
OSV
OSV
added 2021/08/24 12:0 p.m.45 views

RUSTSEC-2021-0098 Read buffer overruns processing ASN.1 strings

ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are represented as a buffer for the string data which is terminated with a NUL 0 byt...

7.4CVSS7.9AI score0.50445EPSS
Exploits0References3
RustSec
RustSec
added 2021/08/24 12:0 p.m.55 views

Read buffer overruns processing ASN.1 strings

ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are represented as a buffer for the string data which is terminated with a NUL 0 byt...

7.4CVSS7.8AI score0.50445EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/08/24 12:0 a.m.92 views

OpenSSL 1.0.2 < 1.0.2za Vulnerability

The version of OpenSSL installed on the remote host is prior to 1.0.2za. It is, therefore, affected by a vulnerability as referenced in the 1.0.2za advisory. - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a...

7.4CVSS7AI score0.50445EPSS
Exploits0References4
Rows per page
Query Builder