21 matches found

OSV
added 2024/03/06 11:8 a.m. | 40 views

BIT-NODE-2020-1971 EDIPARTYNAME NULL pointer dereference

The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrect...

CVSS 5.9 | AI score 5.6 | EPSS 0.00348
Exploits 3 | References 27
Tenable Nessus
added 2021/10/27 12:0 a.m. | 50 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : openssl Vulnerability (NS-SA-2021-0158)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has openssl packages installed that are affected by a vulnerability: - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a...

CVSS 5.9 | AI score 7.1 | EPSS 0.00348
Exploits 3 | References 3
Tenable Nessus
added 2021/08/24 12:0 a.m. | 37 views

F5 Networks BIG-IP : OpenSSL vulnerability (K42910051)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.4.4 / 15.1.4.1 / 16.1.2. It is, therefore, affected by a vulnerability as referenced in the K42910051 advisory. The X.509 GeneralName type is a generic type for representing different types of names. One of those name...

CVSS 5.9 | AI score 7.1 | EPSS 0.00348
Exploits 3 | References 2
Tenable Nessus
added 2021/03/10 12:0 a.m. | 199 views

NewStart CGSL MAIN 6.02 : openssl Multiple Vulnerabilities (NS-SA-2021-0086)

The remote NewStart CGSL host, running version MAIN 6.02, has openssl packages installed that are affected by multiple vulnerabilities: - There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggest...

CVSS 5.9 | AI score 6.8 | EPSS 0.02801
Exploits 3 | References 3
Tenable Nessus
added 2021/03/10 12:0 a.m. | 380 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Vulnerability (NS-SA-2021-0020)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl packages installed that are affected by a vulnerability: - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a...

CVSS 5.9 | AI score 7.1 | EPSS 0.00348
Exploits 3 | References 2
Tenable Nessus
added 2021/03/04 12:0 a.m. | 118 views

EulerOS Virtualization for ARM 64 3.0.6.0 : openssl (EulerOS-SA-2021-1549)

According to the version of the openssl packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known...

CVSS 5.9 | AI score 6.9 | EPSS 0.00348
Exploits 3 | References 2
Tenable Nessus
added 2021/03/04 12:0 a.m. | 132 views

EulerOS Virtualization 3.0.6.6 : openssl (EulerOS-SA-2021-1505)

According to the version of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as...

CVSS 5.9 | AI score 6.9 | EPSS 0.00348
Exploits 3 | References 2
Tenable Nessus
added 2021/02/22 12:0 a.m. | 353 views

EulerOS 2.0 SP2 : openssl (EulerOS-SA-2021-1338)

According to the version of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL...

CVSS 5.9 | AI score 7 | EPSS 0.00348
Exploits 3 | References 2
Tenable Nessus
added 2021/01/04 12:0 a.m. | 300 views

EulerOS 2.0 SP9 : openssl (EulerOS-SA-2021-1014)

According to the version of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL...

CVSS 5.9 | AI score 7 | EPSS 0.00348
Exploits 3 | References 2
Mageia
added 2020/12/21 9:47 p.m. | 104 views

Updated compat-openssl10 packages fix security vulnerabilities

The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite. In such a case this would result in the attacker being able to eavesdrop on all encrypted...

CVSS 5.9 | AI score 6.3 | EPSS 0.01042
Exploits 3 | References 6
Tenable Nessus
added 2020/12/17 12:0 a.m. | 152 views

Oracle Linux 7 : ELSA-2020-5566-1: / openssl (ELSA-2020-55661)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-55661 advisory. 1.0.2k-21 - remove ASN1_F_ASN1_ITEM_EMBED_D2I from openssl-1.0.2k-cve-2020-1971.patch 1.0.2k-20 - fix CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference...

CVSS 5.9 | AI score 7 | EPSS 0.00348
Exploits 3 | References 2
Tenable Nessus
added 2020/12/10 12:0 a.m. | 101 views

OpenSSL 1.0.2 < 1.0.2x Vulnerability

The version of OpenSSL installed on the remote host is prior to 1.0.2x. It is, therefore, affected by a vulnerability as referenced in the 1.0.2x advisory. - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName...

CVSS 5.9 | AI score 7.1 | EPSS 0.00348
Exploits 3 | References 4
Tenable Nessus
added 2020/12/09 12:0 a.m. | 113 views

Amazon Linux 2 : openssl, openssl11 (ALAS-2020-1573)

The version of openssl installed on the remote host is prior to 1.0.2k-19. The version of openssl11 installed on the remote host is prior to 1.1.1c-15. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1573 advisory. A null pointer dereference flaw was found in openssl...

CVSS 5.9 | AI score 6.9 | EPSS 0.00348
Exploits 3 | References 3
Prion
added 2020/12/08 4:15 p.m. | 42 views

Null pointer dereference

The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrect...

CVSS 4.3 | AI score 5.8 | EPSS 0.00348
Exploits 3 | References 25 | Affected Software 29
AlpineLinux
added 2020/12/08 3:30 p.m. | 639 views

CVE-2020-1971

The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrect...

CVSS 5.9 | AI score 6.5 | EPSS 0.00348
Exploits 3
OpenVAS
added 2020/04/22 12:0 a.m. | 25 views

OpenSSL: EDIPARTYNAME NULL Pointer De-reference Vulnerability (CVE-2020-1971) - Linux

OpenSSL is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl";...

CVSS 5.9 | AI score 6.2 | EPSS 0.00348
Exploits 3 | References 1
Tenable Nessus
added 2015/12/29 12:0 a.m. | 29 views

openSUSE Security Update : compat-openssl098 (openSUSE-2015-940)

This update for compat-openssl098 fixes the following issues : Security issue fixed : - CVE-2015-3195: When presented with a malformed X509_ATTRIBUTE structure OpenSSL would leak memory. This structure is used by the PKCS7 and CMS routines so any application which reads PKCS7 or CMS data from...

CVSS 5.3 | AI score 6.8 | EPSS 0.03481
Exploits 1 | References 3
OpenVAS
added 2009/09/28 12:0 a.m. | 29 views

Mandrake Security Advisory MDVSA-2009:239 (openssl)

The remote host is missing an update to openssl announced via advisory MDVSA-2009:239. OpenVAS Vulnerability Test $Id: mdksa2009239.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:239 openssl Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

CVSS 5.1 | EPSS 0.13464
Exploits 3
Prion
added 2009/05/19 7:30 p.m. | 21 views

Design/Logic Flaw

Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server tha...

CVSS 5 | AI score 7.4 | EPSS 0.08556
Exploits 2 | References 32 | Affected Software 1
Exploit DB
added 2009/04/21 12:0 a.m. | 23 views

Sun Java System Delegated Administrator 6.x - HTTP Response Splitting

source: https://www.securityfocus.com/bid/34643/info Sun Java System Delegated Administrator is prone to an HTTP response-splitting vulnerability because it fails to sufficiently sanitize user-supplied data. Attackers can leverage this issue to influence or misrepresent how web content is served,...

AI score 7
Exploits 0