4558 matches found
openssl security update
CentOS Errata and Security Advisory CESA-2012:0086 Updated openssl packages that fix two security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...
openssl: SGC restart DoS attack
The Server Gated Cryptography SGC implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service CPU consumption via unspecified vectors...
CVE-2011-4354
crypto/bn/bnnist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves, which allows...
Authentication flaw
crypto/bn/bnnist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves, which allows...
CVE-2011-4354
OpenSSL vulnerability CVE-2011-4354 affects OpenSSL before 0.9.8h on 32-bit platforms, in the ECDH/ECDHE handshake with P-256 and P-384 curves, due to an incorrect modular reduction algorithm in bn_nist.c. This design flaw allows remote attackers to obtain the TLS server private key after multipl...
CVE-2011-4354
crypto/bn/bnnist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves, which allows...
openssl: SGC restart DoS attack
The Server Gated Cryptography SGC implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service CPU consumption via unspecified vectors...
openssl: SGC restart DoS attack
The Server Gated Cryptography SGC implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service CPU consumption via unspecified vectors...
Mandriva Linux Security Advisory : openssl (MDVSA-2012:006)
Multiple vulnerabilities has been found and corrected in openssl : The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack CVE-2011-410...
FreeBSD : OpenSSL -- multiple vulnerabilities (78cc8a46-3e56-11e1-89b4-001ec9578670)
The OpenSSL Team reports : 6 security flaws have been fixed in OpenSSL 1.0.0f : If X509VFLAGPOLICYCHECK is set in OpenSSL 0.9.8, then a policy check failure can lead to a double-free. OpenSSL prior to 1.0.0f and 0.9.8s failed to clear the bytes used as block cipher padding in SSL 3.0 records. As ...
DEBIAN-CVE-2011-4619
The Server Gated Cryptography SGC implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service CPU consumption via unspecified vectors...
CVE-2011-4619
The Server Gated Cryptography SGC implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service CPU consumption via unspecified vectors...
CVE-2011-4619
The Server Gated Cryptography SGC implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service CPU consumption via unspecified vectors...
CVE-2011-4619
OpenSSL CVE-2011-4619 concerns the Server Gated Cryptography (SGC) handshake restart handling. The vulnerability exists in OpenSSL prior to 0.9.8s and in 1.x prior to 1.0.0f, where improper handling of handshake restarts can allow remote attackers to cause a denial-of-service (CPU consumption). C...
CVE-2011-4619
The Server Gated Cryptography SGC implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service CPU consumption via unspecified vectors...
OpenSSL < 0.9.6m / 0.9.7d Denial of Service
According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.6m or 0.9.7d. A remote attacker can crash the server by sending an overly long Kerberos ticket or a crafted SSL/TLS handshake. C Tenable Network Security, Inc. include"compat.inc"; if description...
OpenSSL 1.0.0 < 1.0.0-beta2 DoS
According to its banner, the remote server is running a version of OpenSSL 1.0.0 prior to 1.0.0 beta 2. A remote attacker can crash the server by sending an out-of-sequence DTLS handshake message. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17768;...
Vulnerability in OpenSSL - SGC Restart DoS Attack
Support for handshake restarts for server gated cryptograpy SGC can be used in a denial-of-service attack. Found by George Kadianakis...
OpenSSL -- multiple vulnerabilities
The OpenSSL Team reports: 6 security flaws have been fixed in OpenSSL 1.0.0f: If X509VFLAGPOLICYCHECK is set in OpenSSL 0.9.8, then a policy check failure can lead to a double-free. OpenSSL prior to 1.0.0f and 0.9.8s failed to clear the bytes used as block cipher padding in SSL 3.0 records. As a...
SuSE 11.1 Security Update : openswan (SAT Patch Number 5424)
openswan's crypto helper was prone to an use-after-free flaw which could potentially allow remote attackers to cause a Denial of Service CVE-2011-4073, bnc727002. Additionally, the following issues have been fixed : - AH handshake problems bnc713986, - potential dereference of no longer valid...