3 matches found
The vulnerability of the fill-checking function in the AES-NI implementation of the OpenSSL library allows a perpetrator to gain unauthorized access to confidential data.
The vulnerability of the fill-checking function in the AES-NI implementation of the OpenSSL library is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to confidential data...
F5 Networks BIG-IP : OpenSSL vulnerability (K93600123)
The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session, NOTE: this vulnerability...
OpenSSL 1.0.1 < 1.0.1t Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 1.0.1t. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.1t advisory. - The X509NAMEoneline function in crypto/x509/x509obj.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to...