Lucene search
K

11 matches found

F5 Networks
F5 Networks
added 2023/02/21 7:56 p.m.59 views

K09422508: OpenSSL vulnerabilities CVE-2016-6307 and CVE-2016-6308

Security Advisory Description CVE-2016-6307 The state-machine implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service memory consumption via crafted TLS messages, related to...

7.1CVSS7.5AI score0.14067EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/18 3:10 a.m.30 views

Security Bulletin: Multiple Vulnerabilities in Glibc, GNU C and OpenSSL affect IBM Netezza Firmware Diagnostics

Summary Glibc, GNU C and OpenSSL are used by IBM Netezza Firmware Diagnostics. IBM Netezza Firmware Diagnostics Support Tools has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-1234 DESCRIPTION: glibc is vulnerable to a denial of service, caused by a stack-based buffer...

7.5CVSS1.2AI score0.41683EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/08 4:13 a.m.38 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Cloud Manager

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Cloud Manager. IBM Cloud Manager has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2177 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caus...

9.8CVSS1AI score0.95707EPSS
Exploits10Affected Software1
F5 Networks
F5 Networks
added 2016/10/19 12:0 a.m.66 views

SOL09422508 - OpenSSL vulnerabilities CVE-2016-6302, CVE-2016-6307, and CVE-2016-6308

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.5CVSS2.6AI score0.26441EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2016/10/06 12:0 a.m.44 views

OpenSSL < 1.1.0a Multiple Vulnerabilities

Binary data 9626.prm...

7.8CVSS8.1AI score0.63029EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2016/09/30 12:0 a.m.78 views

OpenSSL 1.1.0 < 1.1.0a Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.1.0a. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.1.0a advisory. - The ssl3readbytes function in record/reclayers3.c in OpenSSL 1.1.0 before 1.1.0a allows remote attackers to cause a denial of...

7.8CVSS7.7AI score0.63029EPSS
Exploits3References13
OSV
OSV
added 2016/09/26 7:59 p.m.5 views

CVE-2016-6308

statem/statemdtls.c in the DTLS implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service memory consumption via crafted DTLS messages...

5.9CVSS9AI score
Exploits0References16
UbuntuCve
UbuntuCve
added 2016/09/26 7:59 p.m.34 views

CVE-2016-6308

statem/statemdtls.c in the DTLS implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service memory consumption via crafted DTLS messages...

7.1CVSS6.9AI score0.14067EPSS
Exploits0References2
CVE
CVE
added 2016/09/26 12:0 a.m.93 views

CVE-2016-6308

OpenSSL DTLS vulnerability CVE-2016-6308: In OpenSSL 1.1.0 before 1.1.0a, the function handling DTLS messages (statem_dtls.c) allocates memory before validating the excessive length of the incoming message, enabling a remote attacker to cause memory exhaustion and a potential Denial of Service vi...

7.1CVSS6.9AI score0.14067EPSS
Exploits0References16Affected Software1
OpenVAS
OpenVAS
added 2016/09/26 12:0 a.m.27 views

OpenSSL SSL_peek hang on empty record DoS Vulnerability - Linux

OpenSSL is prone to a Denial of Service DoS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl";...

7.5CVSS7.8AI score0.15997EPSS
Exploits1References1
Slackware Linux
Slackware Linux
added 2016/09/22 6:53 p.m.62 views

[slackware-security] openssl

New openssl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/openssl-1.0.2i-i586-1slack14.2.txz: Upgraded. This update fixes denial-of-service and other security issues. For more...

9.8CVSS8.2AI score0.95707EPSS
Exploits9
Rows per page
Query Builder