Lucene search
K

23 matches found

F5 Networks
F5 Networks
added 2023/02/21 8:1 p.m.39 views

K15351: OpenSSL DTLS ChangeCipherSpec vulnerability CVE-2009-1386

Security Advisory Description ssl/s3pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a DTLS ChangeCipherSpec packet that occurs before ClientHello. CVE-2009-1386 Impact None Security Advisory Status To determine if...

5CVSS6.9AI score0.80134EPSS
Exploits9
OpenVAS
OpenVAS
added 2015/10/08 12:0 a.m.35 views

Oracle: Security Advisory (ELSA-2009-1335)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.7AI score0.80134EPSS
Exploits20References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.52 views

OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote DoS Exploit

No description provided by source. / cve-2009-1386.c OpenSSL 0.9.8i DTLS ChangeCipherSpec Remote DoS Jon Oberheide [email protected] http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1386 OpenSSL would SegFault if the DTLS server receives a...

5CVSS7.1AI score0.80134EPSS
Exploits17
Tenable Nessus
Tenable Nessus
added 2013/01/24 12:0 a.m.41 views

RHEL 5 : openssl (RHSA-2009:1335)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:1335 advisory. - openssl: mimehdrcmp NULL dereference crash CVE-2006-7250 - openssl: ASN1 printing crash CVE-2009-0590 - OpenSSL: DTLS epoch record buffer...

5CVSS7.4AI score0.80134EPSS
Exploits20References17
Metasploit
Metasploit
added 2011/05/04 7:8 p.m.23 views

OpenSSL DTLS ChangeCipherSpec Remote DoS

This module performs a Denial of Service Attack against Datagram TLS in OpenSSL version 0.9.8i and earlier. OpenSSL crashes under these versions when it receives a ChangeCipherspec Datagram before a ClientHello. This module requires Metasploit: https://metasploit.com/download Current source:...

5CVSS0.8AI score0.80134EPSS
Exploits9
Tenable Nessus
Tenable Nessus
added 2010/06/01 12:0 a.m.47 views

VMSA-2010-0009 : ESXi ntp and ESX Service Console third-party updates

a. Service Console update for COS kernel Updated COS package 'kernel' addresses the security issues that are fixed through versions 2.6.18-164.11.1. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2009-2695, CVE-2009-2908, CVE-2009-3228, CVE-2009-3286,...

10CVSS7.4AI score0.80134EPSS
Exploits61References44
securityvulns
securityvulns
added 2010/04/26 12:0 a.m.119 views

[security bulletin] HPSBMA02492 SSRT100079 rev.1 - HP System Management Homepage &#40;SMH&#41; for Linux and Windows, Remote Cross Site Scripting &#40;XSS&#41;, Denial of Service &#40;DoS&#41;, Execution of Arbitrary Code, Unauthorized Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02029444 Version: 1 HPSBMA02492 SSRT100079 rev.1 - HP System Management Homepage SMH for Linux and Windows, Remote Cross Site Scripting XSS, Denial of Service DoS, Execution of Arbitrary Code,...

10CVSS0.8AI score0.80134EPSS
Exploits23
OpenVAS
OpenVAS
added 2009/10/11 12:0 a.m.35 views

SLES11: Security update for OpenSSL

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: libopenssl098 openssl openssl-doc More details may also be found by searching for the SuSE Enterprise Server 11 patch database linked in the references...

5CVSS7.1AI score0.80134EPSS
Exploits10References2
OpenVAS
OpenVAS
added 2009/09/28 12:0 a.m.48 views

Mandrake Security Advisory MDVSA-2009:238 (openssl)

The remote host is missing an update to openssl announced via advisory MDVSA-2009:238. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

5.1CVSS6.7AI score0.80134EPSS
Exploits12References1
OpenVAS
OpenVAS
added 2009/09/28 12:0 a.m.39 views

Mandrake Security Advisory MDVSA-2009:237 (openssl)

The remote host is missing an update to openssl announced via advisory MDVSA-2009:237. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

5.1CVSS6.5AI score0.80134EPSS
Exploits9References1
Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.41 views

SuSE 11 Security Update : OpenSSL (SAT Patch Number 990)

OpenSSL DTLS remote DoS in ChangeCipherSpec CVE-2009-1386 and in out-of-sequence message handling CVE-2009-1387 have been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text...

5CVSS6.9AI score0.80134EPSS
Exploits10References5
OpenVAS
OpenVAS
added 2009/09/21 12:0 a.m.31 views

CentOS Security Advisory CESA-2009:1335 (openssl)

The remote host is missing updates to openssl announced in advisory CESA-2009:1335. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

5CVSS7.5AI score0.80134EPSS
Exploits20References2
OSV
OSV
added 2009/09/16 12:0 a.m.39 views

DSA-1888-1 openssl - cryptographic weakness

Bulletin has no description...

5.1CVSS6.8AI score0.04506EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/07/21 12:0 a.m.56 views

openSUSE Security Update : libopenssl-devel (libopenssl-devel-974)

OpenSSL DTLS remote DoS in ChangeCipherSpec CVE-2009-1386 and in out-of-sequence message handling CVE-2009-1387 have been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

5CVSS6.9AI score0.80134EPSS
Exploits10References3
Tenable Nessus
Tenable Nessus
added 2009/06/26 12:0 a.m.47 views

Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : openssl vulnerabilities (USN-792-1)

It was discovered that OpenSSL did not limit the number of DTLS records it would buffer when they arrived with a future epoch. A remote attacker could cause a denial of service via memory resource consumption by sending a large number of crafted requests. CVE-2009-1377 It was discovered that...

5CVSS7.1AI score0.80134EPSS
Exploits20References6
Tenable Nessus
Tenable Nessus
added 2009/06/18 12:0 a.m.34 views

openSUSE 10 Security Update : libopenssl-devel (libopenssl-devel-6291)

OpenSSL DTLS remote DoS in ChangeCipherSpec CVE-2009-1386 and in out-of-sequence message handling CVE-2009-1387 have been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

5CVSS6.9AI score0.80134EPSS
Exploits10References2
OpenVAS
OpenVAS
added 2009/06/12 12:0 a.m.40 views

Denial Of Service Vulnerability in OpenSSL (Jun 2009) - Linux

OpenSSL is prone to a Denial of Service DoS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl";...

5CVSS7.3AI score0.80134EPSS
Exploits9References4
seebug.org
seebug.org
added 2009/06/06 12:0 a.m.61 views

OpenSSL ChangeCipherSpec DTLS报文拒绝服务漏洞

BUGTRAQ ID: 35174 CVECAN ID: CVE-2009-1386 OpenSSL是一种开放源码的SSL实现,用来实现网络通信的高强度加密,现在被广泛地用于各种网络应用程序中。 如果在ClientHello报文之前发送了DTLS ChangeCipherSpec报文,就可能在OpenSSL的ssl/s3pkt.c文件中触发空指针引用,导致拒绝服务的情况。 OpenSSL 0.9.8i 厂商补丁: OpenSSL Project --------------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

5CVSS0.8AI score0.80134EPSS
Exploits9
seebug.org
seebug.org
added 2009/06/05 12:0 a.m.48 views

OpenSSL &lt; 0.9.8i DTLS ChangeCipherSpec Remote DoS Exploit

No description provided by source. / cve-2009-1386.c OpenSSL 0.9.8i DTLS ChangeCipherSpec Remote DoS Jon Oberheide [email protected] http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1386 OpenSSL would SegFault if the DTLS server receives a...

5CVSS7.1AI score0.80134EPSS
Exploits17
UbuntuCve
UbuntuCve
added 2009/06/04 4:30 p.m.27 views

CVE-2009-1386

ssl/s3pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a DTLS ChangeCipherSpec packet that occurs before ClientHello...

5CVSS6.8AI score0.80134EPSS
Exploits9References2
Rows per page
Query Builder