Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2014/06/10 12:23 p.m.5 views

openssl: client-side denial of service when using anonymous ECDH

The ssl3sendclientkeyexchange function in s3clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service NULL pointer dereference and client crash by triggering a NULL certificate...

4.3CVSS6.8AI score0.85784EPSS
Exploits0References5
OSV
OSV
added 2014/06/05 9:55 p.m.2 views

DEBIAN-CVE-2014-3470

The ssl3sendclientkeyexchange function in s3clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service NULL pointer dereference and client crash by triggering a NULL certificate...

4.3CVSS6.6AI score0.85784EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2014/06/05 12:12 p.m.7 views

openssl: client-side denial of service when using anonymous ECDH

The ssl3sendclientkeyexchange function in s3clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service NULL pointer dereference and client crash by triggering a NULL certificate...

4.3CVSS6.8AI score0.85784EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2009/09/30 5:24 p.m.5 views

Researcher Publishes Valid Wildcard SSL Certificate

In the wake of Moxie Marlinspike’s SSL talk at Black Hat this summer, another security researcher has used the technique described in the talk to create and publish a valid wildcard certificate and private key that could be used to fool browsers into believing a site is legitimate when it is in...

0.7AI score
Exploits0References7
Rows per page
Query Builder