13 matches found
Denial Of Service (DoS)
org.bouncycastle: bcprov is vulnerable to Denial of Service DoS. The vulnerability arises due to parsing certificates in the PEMParser class. This class is responsible for parsing X.509 certificates, encoded keys and PKCS7 objects. The parser can throw an OutOfMemoryError while parsing crafted...
RHEL 8 : compat-openssl10 (RHSA-2022:5326)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:5326 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...
openssl security update
1:1.0.2k-25 - Fixes CVE-2022-2078 Infinite loop in BNmodsqrt reachable when parsing certificates - Related: rhbz2067160...
RHEL 7 : openssl (RHSA-2022:1077)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:1077 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...
RHEL 8 : openssl (RHSA-2022:1091)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:1091 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...
Important: Red Hat Security Advisory: openssl security update
An update for openssl is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Updated openssl packages fix security vulnerability
Infinite loop in BNmodsqrt reachable when parsing certificates. CVE-2022-0778...
Oracle Linux 8 : openssl (ELSA-2022-9233)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9233 advisory. 1:1.1.1k-5.0.1 - fix CVE-2022-0778 - possible infinite loop in BNmodsqrt Orabug: 33974871 Tenable has extracted the preceding description block directly from th...
CVE-2022-0778 Infinite loop in BN_mod_sqrt() reachable when parsing certificates
The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a...
Infinite loop in `BN_mod_sqrt()` reachable when parsing certificates
The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a...
Debian DSA-3673-1 : openssl - security update
Several vulnerabilities were discovered in OpenSSL : - CVE-2016-2177 Guido Vranken discovered that OpenSSL uses undefined pointer arithmetic. Additional information can be found at https://www.openssl.org/blog/blog/2016/06/27/undefined-p ointer-arithmetic/ - CVE-2016-2178 Cesar Pereida, Billy...
Error installing BEM – System.IndexOutOfRangeException: Index was outside the bounds of the array
Challenge Cause As indicated by this line in the error message "VmEMSetup.Dialogs.VMEMDialogAddConfig.EnumSSLCertificates", there is an issue parsing certificates with an empty Subject field, and they will need to be removed. The offending certificates are not self-signed because they are generat...
CVE-2006-0120
Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service application crash via multiple vectors, involving 1 a malformed message sent to an "Out Of Office" agent SPR LPEE6DMQWJ, 2 the compact command RTIN5U2SAJ, 3 malforme...