DEBIAN-CVE-2019-1551

There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...

openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang

During key agreement in a TLS handshake using a DHE based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This...

DEBIAN-CVE-2018-0739

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

Ubuntu Update for openssl USN-1451-1

Ubuntu Update for Linux kernel vulnerabilities USN-1451-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN14511.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for openssl USN-1451-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...