
105 matches found

RedHat Linux
added 2014/06/05 11:50 a.m. | 5 views

openssl: Buffer overflow via DTLS invalid fragment

The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow a...

CVSS 6.8 | AI score 7.2 | EPSS 0.99977
Exploits 4 | References 5

OSV
added 2013/02/03 1:55 a.m. | 2 views

UBUNTU-CVE-2013-1586

The fragment_set_tot_len function in epan/reassemble.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly determine the length of a reassembled packet for the DTLS dissector, which allows remote attackers to cause a denial of service (application crash) via a malformed packet...

CVSS 2.9 | AI score 5.8 | EPSS 0.00826
Exploits 0 | References 5

RedHat Linux
added 2012/09/24 3:55 p.m. | 2 views

openssl: DTLS plaintext recovery attack

The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack...

CVSS 4.3 | AI score 7 | EPSS 0.15757
Exploits 0 | References 4

OSV
added 2012/05/14 10:55 p.m. | 2 views

DEBIAN-CVE-2012-2333

Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted TLS packet that is no...

CVSS 6.8 | AI score 8.7 | EPSS 0.28154
Exploits 0 | References 1

RedHat Linux
added 2007/10/12 11:1 a.m. | 5 views

openssl dtls out of order vulnerability

Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors...

CVSS 9.3 | AI score 7.3 | EPSS 0.11164
Exploits 1 | References 4