EUVD-2015-1324

Malware in sbrugna...

PolarSSL 'asn1_get_sequence_of' Function Uninitialized Pointer RCE

PolarSSL contains a flaw when parsing ASN.1 sequences from X.509 certificates due to freeing an uninitialized pointer by the function 'asn1getsequenceof' within file 'asn1parse.c'. An unauthenticated, remote attacker, using a specially crafted certificate, can exploit this flaw to cause a denial ...

CVE-2003-0851

OpenSSL 0.9.6k allows remote attackers to cause a denial of service crash via large recursion via malformed ASN.1 sequences...

Vulnerability in OpenSSL CVE-2003-0851

A flaw in OpenSSL 0.9.6k only would cause certain ASN.1 sequences to trigger a large recursion. On platforms such as Windows this large recursion cannot be handled correctly and so the bug causes OpenSSL to crash. A remote attacker could exploit this flaw if they can send arbitrary ASN.1 sequence...

OpenSSL 0.9.6k does not properly handle ASN.1 sequences

Overview A vulnerability in the way OpenSSL handles ASN.1 elements could allow a remote attacker to cause a denial of service on systems running Microsoft Windows. Description OpenSSL implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols and includes a general purpose...