4 matches found
[SECURITY] [DSA 5764-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5764-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 03, 2024 https://www.debian.org/security/faq -...
The vulnerability of the PA-RISC CRYPTO_memcmp function in the OpenSSL library, which allows attackers to create fake messages
The vulnerability of the PA-RISC CRYPTOmemcmp function in the OpenSSL library is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to create fake messages that will be treated as authentic...
Design/Logic Flaw
The DHcheckpubkey function in crypto/dh/dhcheck.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman DH key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple handshakes with a peer that chose...
CVE-2000-0535
OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the existence of the /dev/random or /dev/urandom devices, which are absent on FreeBSD Alpha systems, which causes them to produce weak keys which may be more easily broken...