OpenSSL 1.0.2 < 1.0.2zc Vulnerability

The version of OpenSSL installed on the remote host is prior to 1.0.2zc. It is, therefore, affected by a vulnerability as referenced in the 1.0.2zc advisory. - There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS...

K30184101: OpenSSL Vulnerability CVE-2021-4160

Security Advisory Description There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include...

EulerOS Virtualization 2.10.0 : openssl (EulerOS-SA-2022-2032)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of...

EulerOS 2.0 SP9 : openssl (EulerOS-SA-2022-1455)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3...

Denial Of Service

openssl is vulnerable to denial of service. The vulnerability exists due to a carry propagation bug in the MIPS32 and MIPS64 squaring procedure which allows an attacker to cause an application crash...

Design/Logic Flaw

There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis...

CVE-2021-4160

There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis...

CVE-2021-4160 BN_mod_exp may produce incorrect results on MIPS

There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis...

OpenSSL 3.0.0 < 3.0.1 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.0.1 advisory. - There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the...

EulerOS Virtualization 3.0.2.2 : openssl (EulerOS-SA-2020-1444)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for...

EulerOS Virtualization for ARM 64 3.0.6.0 : compat-openssl10 (EulerOS-SA-2020-1333)

According to the version of the compat-openssl10 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - An integer overflow was found in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit...

openSUSE Security Update : openssl-1_0_0 (openSUSE-2020-61)

This update for openssl-100 fixes the following issues : Security issue fixed : - CVE-2019-1551: Fixed an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli bsc1158809. This update was imported from the SUSE:SLE-15:Update update project. C Tenable...

SUSE SLED15 / SLES15 Security Update : openssl-1_0_0 (SUSE-SU-2020:0064-1)

This update for openssl-100 fixes the following issues : Security issue fixed : CVE-2019-1551: Fixed an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli bsc1158809. Note that Tenable Network Security has extracted the preceding description block...

Security Bulletin: Security Vulnerabilities in OpenSSL, glibc, gcc, Net-SNMP, and OpenSSH affect IBM Security Proventia Network Enterprise Scanner

Summary OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by IBM Security Proventia Network Enterprise Scanner. This bulletin addresses the applicable CVEs as well as other CVEs related to glibc, gcc, Net-SNMP, and OpenSSH. CVE-2015-5600,...

Debian DSA-4017-1 : openssl1.0 - security update

Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2017-3735 It was discovered that OpenSSL is prone to a one-byte buffer overread while parsing a malformed...

CVE-2017-3736

There is a carry propagating bug in the x8664 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely...

OpenSSL 1.0.2 < 1.0.2k Multiple Vulnerabilities

Binary data 9934.prm...

USN-3181-1: OpenSSL vulnerabilities

Guido Vranken discovered that OpenSSL used undefined behaviour when performing pointer arithmetic. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS as other releases were...