13 matches found
ROS-20251112-02
A vulnerability in the GENERALNAMEcmp function of the OpenSSL library is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
EUVD-2020-12761
Malware in sbrugna...
BIT-NODE-MIN-2020-1971 EDIPARTYNAME NULL pointer dereference
The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERALNAMEcmp which compares different instances of a GENERALNAME to see if they are equal or not. This function behaves incorrect...
EulerOS Virtualization 2.9.0 : shim (EulerOS-SA-2023-2025)
According to the versions of the shim package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parse...
Oracle Linux 6 : openssl (ELSA-2023-12326)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12326 advisory. 1.0.1e-59.0.4 - Backport fixes for CVE-2023-0286 Orabug: 35212597 Tenable has extracted the preceding description block directly from the Oracle Linux security...
SUSE SLES15 / openSUSE 15 Security Update : openssl-1_1-livepatches (SUSE-SU-2023:0482-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:0482-1 advisory. - There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as...
NewStart CGSL MAIN 6.02 : openssl Multiple Vulnerabilities (NS-SA-2021-0086)
The remote NewStart CGSL host, running version MAIN 6.02, has openssl packages installed that are affected by multiple vulnerabilities: - There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggest...
openssl: EDIPARTYNAME NULL pointer de-reference
A null pointer dereference flaw was found in openssl. A remote attacker, able to control the arguments of the GENERALNAMEcmp function, could cause the application, compiled with openssl to crash resulting in a denial of service. The highest threat from this vulnerability is to system availability...
openssl: EDIPARTYNAME NULL pointer de-reference
A null pointer dereference flaw was found in openssl. A remote attacker, able to control the arguments of the GENERALNAMEcmp function, could cause the application, compiled with openssl to crash resulting in a denial of service. The highest threat from this vulnerability is to system availability...
[SECURITY] [DLA 2493-1] openssl1.0 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2493-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort December 14, 2020 https://wiki.debian.org/LTS -...
Null pointer dereference
The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERALNAMEcmp which compares different instances of a GENERALNAME to see if they are equal or not. This function behaves incorrect...
[SECURITY] [DSA 4807-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4807-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 08, 2020 https://www.debian.org/security/faq -...
OpenSSL -- NULL pointer de-reference
The OpenSSL project reports: EDIPARTYNAME NULL pointer de-reference High The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERALNAMEcmp which compares different instances of a...