150 matches found
CAs Form New Alliance to Focus on Security Issues, Education
A group of large certificate authorities, including some that have been the victims of recent compromises of their CA systems, have formed an alliance designed to develop strategies for strengthening the CA infrastructure through education and industry initiatives. Comodo, DigiCert, Entrust,...
openssl: OCSP stapling vulnerability
ssl/t1lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service crash, and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access,...
Fedora 14 : mingw32-openssl-1.0.0a-2.fc14 (2011-5865)
This update contains fixes for CVE-2011-0014 openssl: OCSP stapling vulnerability. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora 13 : openssl-1.0.0d-1.fc13 (2011-1255)
This is update to a new upstream release that fixes CVE-2011-0014 - OCSP stapling vulnerability. There are also changes updating the FIPS validation related code that should not affect in any way operation of the OpenSSL library in the non-FIPS mode. Note that Tenable Network Security has extract...
CVE-2011-0014
ssl/t1lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service crash, and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access,...
DEBIAN-CVE-2011-0014
ssl/t1lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service crash, and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access,...
[slackware-security] openssl
New openssl packages are available for 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/openssl-0.9.8r-i486-1slack13.1.txz: Upgraded. This OpenSSL update fixes an "OCSP stapling vulnerability". For...
CVE-2011-0014
ssl/t1lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service crash, and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access,...
OpenSSL < 0.9.8r / 1.0.0d OCSP Stapling Denial of Service
Binary data 801053.prm...
OpenSSL < 0.9.8r / 1.0.0d OCSP Stapling DoS
Binary data 5782.prm...