Lucene search
K

87 matches found

OSV
OSV
added 2010/03/26 6:30 p.m.1 views

DEBIAN-CVE-2010-0740

The ssl3getrecord function in ssl/s3pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attackers to cause a denial of service crash via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor version number. NOTE: some of these details are obtained...

5CVSS8.8AI score0.2035EPSS
Exploits5References1
OSV
OSV
added 2009/05/19 7:30 p.m.1 views

DEBIAN-CVE-2009-1378

Multiple memory leaks in the dtls1processoutofseqmessage function in ssl/d1both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service memory consumption via DTLS records that 1 are duplicates or 2 have sequence numbers much greater than current sequenc...

5CVSS7.6AI score0.12746EPSS
Exploits12References1
RedHat Linux
RedHat Linux
added 2008/05/20 2:15 p.m.7 views

openssl signature forgery

OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS 1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying...

4.3CVSS7AI score0.04894EPSS
Exploits1References4
OSV
OSV
added 2006/09/28 6:7 p.m.3 views

DEBIAN-CVE-2006-2940

OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service CPU consumption via parasitic public keys with large 1 "public exponent" or 2 "public modulus" values in X.509 certificates that require extra time to process when using RSA...

7.8CVSS9.1AI score0.04903EPSS
Exploits1References1
Opera Security Advisories
Opera Security Advisories
added 2006/09/21 12:0 a.m.9 views

A forged SSL server certificate can be accepted by Opera as a valid certificate – Opera Security Advisories

A forged SSL server certificate can be accepted by Opera as a valid certificate – Opera Security Advisories OPCOM Team | September 21, 2006 Summary: A forged SSL server certificate can be accepted by Opera as a valid certificate. Severity: Highly critical Vulnerable versions: Opera for desktop...

5.7AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2004/03/17 1:58 p.m.6 views

security flaw

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service infinite loop, as demonstrated using the Codenomicon TLS Test Tool...

5CVSS5.8AI score0.07229EPSS
Exploits0References4
FreeBSD Advisory
FreeBSD Advisory
added 2001/07/30 12:0 a.m.7 views

FreeBSD-SA-01:51.openssl

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:51 Security Advisory FreeBSD, Inc. Topic: OpenSSL 0.9.6a and earlier contain flaw in PRNG REVISED Category: core Module: openssl Announced: 2001-07-30 Revised: 2001-07-31...

5.8AI score
Exploits0
Rows per page
Query Builder