13 matches found
OpenSSL 0.9.7 < 0.9.7d Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 0.9.7d. It is, therefore, affected by multiple vulnerabilities as referenced in the 0.9.7d advisory. - The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the...
SUSE CVE-2004-0112
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service crash via a crafted SSL/TLS handshake that causes an...
DEBIAN-CVE-2004-0112
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service crash via a crafted SSL/TLS handshake that causes an...
GLSA-200403-03 : Multiple OpenSSL Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200403-03 Multiple OpenSSL Vulnerabilities Testing performed by the OpenSSL group using the Codenomicon TLS Test Tool uncovered a NULL pointer assignment in the dochangecipherspec function. A remote attacker could perform a...
Mandrake Linux Security Advisory : openssl (MDKSA-2004:023)
A vulnerability was discovered by the OpenSSL group using the Codenomicon TLS Test Tool. The test uncovered a NULL pointer assignment in the dochangecipherspec function whih could be abused by a remote attacker crafting a special SSL/TLS handshake against a server that used the OpenSSL library in...
RHEL 3 : openssl (RHSA-2004:120)
Updated OpenSSL packages that fix several remote denial of service vulnerabilities are available for Red Hat Enterprise Linux 3. The OpenSSL toolkit implements Secure Sockets Layer SSL v2/v3, Transport Layer Security TLS v1 protocols, and serves as a full-strength general purpose cryptography...
NetBSD Security Advisory 2004-005: Denial of service vulnerabilities in OpenSSL
-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2004-005 ================================= Topic: Denial of service vulnerabilities in OpenSSL Version: NetBSD-current: source prior to March 22, 2004 NetBSD 2.0: branch unaffected, release will include the fix NetBSD 1.6.2: affected...
CVE-2004-0112
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service crash via a crafted SSL/TLS handshake that causes an...
Important: Red Hat Security Advisory: : Updated OpenSSL packages fix vulnerabilities
Updated OpenSSL packages that fix several remote denial of service vulnerabilities are now available. OpenSSL is a toolkit that implements Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols as well as a full-strength general purpose cryptography library. Testing performe...
Important: Red Hat Security Advisory: openssl security update
Updated OpenSSL packages that fix several remote denial of service vulnerabilities are available for Red Hat Enterprise Linux 3. The OpenSSL toolkit implements Secure Sockets Layer SSL v2/v3, Transport Layer Security TLS v1 protocols, and serves as a full-strength general purpose cryptography...
Multiple OpenSSL Vulnerabilities
Background The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols as well as a full-strength general purpose cryptography library...
PT-2004-1088 · Openssl · Openssl
Name of the Vulnerable Software and Affected Versions: OpenSSL versions 0.9.7a through 0.9.7c Description: The issue is related to the SSL/TLS handshaking code in OpenSSL, which does not properly check the length of Kerberos tickets during a handshake when using Kerberos ciphersuites. This allows...
OpenSSL Security Advisory [17 March 2004]
OpenSSL Security Advisory 17 March 2004 Updated versions of OpenSSL are now available which correct two security issues: 1. Null-pointer assignment during SSL handshake =============================================== Testing performed by the OpenSSL group using the Codenomicon TLS Test Tool...