228 matches found
Vulnerability in OpenSSL - DTLS memory leak in dtls1_buffer_record
A memory leak can occur in the dtls1_buffer_record function under certain conditions. In particular this could occur if an attacker sent repeated DTLS records with the same sequence number but for the next epoch. The memory leak could be exploited by an attacker in a Denial of Service attack throug...
Vulnerability in OpenSSL - Crash with SRP ciphersuite in Server Hello message
A crash was found affecting SRP ciphersuites used in a Server Hello message. The issue affects OpenSSL clients and allows a malicious server to crash the client with a null pointer dereference read by specifying an SRP ciphersuite even though it was not properly negotiated with the client. This...
Vulnerability in OpenSSL - Invalid GOST parameters DoS Attack
A malicious TLS client can send an invalid set of GOST parameters which will cause the server to crash due to lack of error checking. This could be used in a denial-of-service attack. Only users of the OpenSSL GOST ENGINE are affected by this bug. Found by Andrey Kulikov...
Vulnerability in OpenSSL CVE-2007-4995
A flaw in DTLS support. An attacker could create a malicious client or server that could trigger a heap overflow. This is possibly exploitable to run arbitrary code, but it has not been verified. Found by Andy Polyakov...
Vulnerability in OpenSSL CVE-2004-0079
The Codenomicon TLS Test Tool uncovered a null-pointer assignment in the do_change_cipher_spec function. A remote attacker could perform a carefully crafted SSL/TLS handshake against a server that used the OpenSSL library in such a way as to cause a crash. Found by OpenSSL group...
Vulnerability in OpenSSL - Multiblock corrupted pointer
Multiblock corrupted pointer. OpenSSL 1.0.2 introduced the “multiblock” performance improvement. This feature only applies on 64 bit x86 architecture platforms that support AES NI instructions. A defect in the implementation of “multiblock” can cause OpenSSL’s internal write buffer to become...
Vulnerability in OpenSSL - OpenSSL DTLS anonymous EC(DH) denial of service
A flaw in handling DTLS anonymous ECDH ciphersuites was found. OpenSSL DTLS clients enabling anonymous ECDH ciphersuites are subject to a denial of service attack. A malicious server can crash the client with a null pointer dereference read by specifying an anonymous ECDH ciphersuite and sending...
Vulnerability in OpenSSL CVE-2010-4180
A flaw in the OpenSSL SSL/TLS server code where an old bug workaround allows malicious clients to modify the stored session cache ciphersuite. In some cases the ciphersuite can be downgraded to a weaker one on subsequent connections. This issue only affects OpenSSL based SSL/TLS server if it uses...
Vulnerability in OpenSSL CVE-2003-0545
Certain ASN.1 encodings that were rejected as invalid by the parser could trigger a bug in the deallocation of the corresponding data structure, corrupting the stack, leading to a crash. Found by NISCC...
Vulnerability in OpenSSL CVE-2003-0078
ssl3_get_record in s3_pkt.c did not perform a MAC computation if an incorrect block cipher padding was used, causing an information leak timing discrepancy that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading...
Vulnerability in OpenSSL - Alternative chains certificate forgery
An error in the implementation of the alternative certificate chain logic could allow an attacker to cause certain checks on untrusted certificates to be bypassed, such as the CA flag, enabling them to use a valid leaf certificate to act as a CA and “issue” an invalid certificate. Found by Adam...
Vulnerability in OpenSSL - Empty CKE with client auth and DHE
Empty CKE with client auth and DHE. If client auth is used then a server can seg fault in the event of a DHE ciphersuite being selected and a zero length ClientKeyExchange message being sent by the client. This could be exploited in a DoS attack. Found by Matt Caswell OpenSSL development team...
Vulnerability in OpenSSL CVE-2009-1378
Fix a denial of service flaw in the DTLS implementation. In dtls1_process_out_of_seq_message the check if the current message is already buffered was missing. Memory was allocated for every new message, allowing an attacker to perform a denial of service attack against a DTLS server by sending out of...
Vulnerability in OpenSSL CVE-2009-0590
The function ASN1_STRING_print_ex when used to print a BMPString or UniversalString will crash with an invalid memory access if the encoded length of the string is illegal. Any OpenSSL application which prints out the contents of a certificate could be affected by this bug, including SSL servers,...
Vulnerability in OpenSSL CVE-2008-5077
The Google Security Team discovered several functions inside OpenSSL incorrectly checked the result after calling the EVP_VerifyFinal function, allowing a malformed signature to be treated as a good signature rather than as an error. This issue affected the signature checks on DSA and ECDSA keys...
Vulnerability in OpenSSL CVE-2002-1568
The use of assertions when detecting buffer overflow attacks allowed remote attackers to cause a denial of service crash by sending certain messages to cause OpenSSL to abort from a failed assertion, as demonstrated using SSLv2 CLIENT_MASTER_KEY messages, which were not properly handled in s2_srvr.c...
Vulnerability in OpenSSL - SGC Restart DoS Attack
Support for handshake restarts for server gated cryptography (SGC) can be used in a denial-of-service attack. Found by George Kadianakis...
Vulnerability in OpenSSL CVE-2008-1672
Testing using the Codenomicon TLS test suite discovered a flaw if the ‘Server Key exchange message’ is omitted from a TLS handshake in OpenSSL 0.9.8f and OpenSSL 0.9.8g. If a client connects to a malicious server with particular cipher suites, the server could cause the client to crash. Found by...
Vulnerability in OpenSSL - SRP buffer overrun
A SRP buffer overrun was found. A malicious client or server can send invalid SRP parameters and overrun an internal buffer. Only applications which are explicitly set up for SRP use are affected. Found by Sean Devlin and Watson Ladd Cryptography Services, NCC Group...
Vulnerability in OpenSSL - TLS 1.1 and 1.2 AES-NI crash
A flaw in the OpenSSL handling of CBC ciphersuites in TLS 1.1 and TLS 1.2 on AES-NI supporting platforms can be exploited in a DoS attack. Found by Adam Langley and Wolfgang Ettlinger...
Vulnerability in OpenSSL CVE-2006-2940
Certain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack. Found by openssl...
Vulnerability in OpenSSL CVE-2002-0657
A buffer overflow when Kerberos is enabled allowed attackers to execute arbitrary code by sending a long master key. Note that this flaw did not affect any released version of 0.9.6 or 0.9.7. Found by OpenSSL Group A.L. Digital...
Vulnerability in OpenSSL CVE-2007-5502
The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes it easier for attackers to bypass protection mechanisms that rely on the randomness. Found by Geof...
Vulnerability in OpenSSL CVE-2009-0591
The function CMS_verify does not correctly handle an error condition involving malformed signed attributes. This will cause an invalid set of signed attributes to appear valid and content digests will not be checked. Found by Ivan Nestlerode, IBM...
Vulnerability in OpenSSL - Anon DH ServerKeyExchange with 0 p parameter
If a client receives a ServerKeyExchange for an anonymous DH ciphersuite with the value of p set to 0 then a seg fault can occur leading to a possible denial of service attack. Found by Guy Leaver Cisco...
Vulnerability in OpenSSL CVE-2011-3210
OpenSSL server code for ephemeral ECDH ciphersuites is not thread-safe, and furthermore can crash if a client violates the protocol by sending handshake messages in incorrect order. Only server-side applications that specifically support ephemeral ECDH ciphersuites are affected, and only if...
Vulnerability in OpenSSL CVE-2011-0014
A buffer over-read flaw was discovered in the way OpenSSL parsed the Certificate Status Request TLS extensions in ClientHello TLS handshake messages. A remote attacker could possibly use this flaw to crash an SSL server using the affected OpenSSL functionality. Found by Neel Mehta...
Vulnerability in OpenSSL - SSLv2 Client Crash
A flaw in the SSLv2 client code was discovered. When a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. Found by openssl...