Lucene search
376 matches found

OSV
added 2021/01/06 1:15 a.m., 2 views

CVE-2020-36161

An issue was discovered in Veritas APTARE 10.4 before 10.4P9 and 10.5 before 10.5P3. By default, on Windows systems, users can create directories under C:\. A low privileged user can create a directory at the configuration file locations. When the Windows system restarts, a malicious OpenSSL engin...

8.8 CVSS, 7.8 AI score
Exploits 0, References 1

ATTACKERKB
added 2021/01/06 1:15 a.m., 4 views

CVE-2020-36167

An issue was discovered in the server in Veritas Backup Exec through 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517. On start-up, it loads the OpenSSL library from the Installation folder. This library in turn attempts to load the /usr/local/ssl/openssl.cnf configuration file, whi...

9.3 CVSS, 6.3 AI score, 0.00462 EPSS
Exploits 0, References 3

NCSC
added 2020/12/10 12:0 a.m., 4 views

Multiple vulnerabilities fixed in IBM Aspera

IBM has fixed several vulnerabilities in the Aspera Suite. The vulnerabilities are in the underlying OpenSSL, cURL libcurl and FasterXML jackson databind software. A malicious party could potentially exploit the vulnerabilities to bypass security measures, access sensitive data and from bei...

10 CVSS, 9.2 AI score, 0.14298 EPSS
Exploits 4

RedHat Linux
added 2020/12/03 7:18 p.m., 2 views

wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL

A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. This flaw allows an attacker to cause an Out of memory (OOM) issue, leading to a denial of service. The highest threat from this vulnerability is to system availability...

7.5 CVSS, 5.7 AI score, 0.02157 EPSS
Exploits 0, References 4

RedHat Linux
added 2020/11/04 1:56 a.m., 2 views

freeradius: eap-pwd: DoS issues due to multithreaded BN_CTX access

In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BN_CTX instance to handle all handshakes. This means multiple threads use the same BN_CTX instance concurrently, resulting in crashes when concurrent EAP-pwd handshakes are initiated. This can be abused by an adversary as a...

7.5 CVSS, 5.8 AI score, 0.02168 EPSS
Exploits 0, References 4

OSV
added 2020/10/21 2:15 p.m., 7 views

CVE-2020-10139

Acronis True Image 2021 includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkinsagent. Acronis True Image contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system...

7.8 CVSS, 6.2 AI score, 0.00417 EPSS
Exploits 0, References 1

Microsoft CVE
added 2020/09/25 12:0 a.m., 4 views

The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.

...

5 CVSS, 9.5 AI score, 0.06194 EPSS
Exploits 0

RedHat Linux
added 2020/07/28 3:54 p.m., 3 views

netty: Infinite loop vulnerability when handling renegotiation using SslProvider.OpenSsl

An infinite-loop vulnerability was discovered in Netty's OpenSslEngine handling of renegotiation. An attacker could exploit this flaw to cause a denial of service. Note: Netty is only vulnerable if renegotiation is enabled default setting...

7.8 CVSS, 7.2 AI score, 0.11259 EPSS
Exploits 0, References 4

BDU FSTEC
added 2020/06/26 12:0 a.m., 3 views

The vulnerability of the fill-checking function in the AES-NI implementation of the OpenSSL library allows a perpetrator to gain unauthorized access to confidential data.

The vulnerability of the fill-checking function in the AES-NI implementation of the OpenSSL library is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to confidential data...

5.9 CVSS, 7.1 AI score, 0.89058 EPSS
Exploits 6, References 9, Affected Software 21

BDU FSTEC
added 2020/06/22 12:0 a.m., 4 views

The vulnerability of the Montgomery quadratic multiplication algorithm implementation in OpenSSL libraries is related to an error in integer transfer on the x86_64 platform, which allows an attacker to gain unauthorized access to sensitive information.

The vulnerability of the Montgomery quadratic multiplication algorithm implementation in the OpenSSL library is related to an error in arithmetic operations on the x86_64 platform. Exploiting this vulnerability may allow a malicious actor, operating remotely, to gain unauthorized access to sensiti...

7.1 CVSS, 6.8 AI score, 0.15934 EPSS
Exploits 1, References 6, Affected Software 11

BDU FSTEC
added 2020/06/22 12:0 a.m., 6 views

The vulnerability of the SSL_check_chain function in the TLS protocol implementation of the OpenSSL library involves the possibility of reassigning the null pointer due to incorrect processing of the “signature_algorithms_cert” extension in TLS. This allows a perpetrator to cause a service failure.

The vulnerability of the SSL_check_chain function in the TLS protocol implementation of the OpenSSL library is related to the possibility of replacing the zero pointer due to incorrect processing of the “signature_algorithms_cert” extension in TLS. Exploiting this vulnerability can allow a malicious...

7.5 CVSS, 6.4 AI score, 0.53336 EPSS
Exploits 2, References 22, Affected Software 10

CNVD
added 2020/06/18 12:0 a.m., 3 views

LibVNCServer code issue vulnerability (CNVD-2020-36782)

LibVNCServer is a cross-platform C library that supports the implementation of VNC (Virtual Network Computing) server or client functionality in a program. A code issue vulnerability exists in the libvncclient/tlsopenssl.c file in versions of LibVNCServer prior to 0.9.13. A remote attacker could...

7.5 CVSS, 7.1 AI score, 0.02573 EPSS
Exploits 0, References 1

RedHat Linux
added 2020/06/11 9:3 a.m., 2 views

wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use

A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption...

9.1 CVSS, 5.8 AI score, 0.01068 EPSS
Exploits 0, References 4

RedHat Linux
added 2020/06/10 7:23 p.m., 1 view

wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use

A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption...

9.1 CVSS, 5.8 AI score, 0.01068 EPSS
Exploits 0, References 4

OSV
added 2020/04/21 2:15 p.m., 5 views

DEBIAN-CVE-2020-1967

Server or client applications that call the SSL_check_chain function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm i...

7.5 CVSS, 6.2 AI score, 0.53336 EPSS
Exploits 2, References 1

RedHat Linux
added 2020/03/23 8:13 p.m., 4 views

wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use

A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption...

9.1 CVSS, 5.8 AI score, 0.01068 EPSS
Exploits 0, References 4

RedHat Linux
added 2020/03/12 5:0 p.m., 2 views

wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use

A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption...

9.1 CVSS, 5.8 AI score, 0.01068 EPSS
Exploits 0, References 4

BDU FSTEC
added 2020/02/11 12:0 a.m., 6 views

The vulnerability of the OSSL Module web server of the Oracle HTTP Server and the SSL API component of the Oracle Security Service, which allows a hacker to cause a service failure.

The vulnerability of the OSSL Module web server of the Oracle HTTP Server and the SSL API component of the Oracle Security Service is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service failures using the HTTPS protocol...

5.3 CVSS, 6.2 AI score, 0.01489 EPSS
Exploits 0, References 3, Affected Software 2

BDU FSTEC
added 2020/01/27 12:0 a.m., 2 views

The vulnerability of the PA-RISC CRYPTO_memcmp function in the OpenSSL library, related to information disclosure, allows attackers to gain access to confidential data.

The vulnerability of the PA-RISC CRYPTO_memcmp function in the OpenSSL library is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to gain access to confidential data...

5.3 CVSS, 6.5 AI score, 0.14298 EPSS
Exploits 0, References 27, Affected Software 13

RedHat Linux
added 2019/11/20 4:22 p.m., 2 views

openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)

A microprocessor side-channel vulnerability was found on SMT (e.g., Hyper-Threading) architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information...

4.7 CVSS, 6.7 AI score, 0.03418 EPSS
Exploits 4, References 6