
228 matches found

OpenSSL
added 2009/01/07 12:0 a.m. | 31 views

Vulnerability in OpenSSL CVE-2008-5077

The Google Security Team discovered several functions inside OpenSSL incorrectly checked the result after calling the EVP_VerifyFinal function, allowing a malformed signature to be treated as a good signature rather than as an error. This issue affected the signature checks on DSA and ECDSA keys...

AI score: 7.1 | EPSS: 0.05188
Exploits: 1 | Affected Software: 1

OpenSSL
added 2008/05/28 12:0 a.m. | 30 views

Vulnerability in OpenSSL CVE-2008-1672

Testing using the Codenomicon TLS test suite discovered a flaw if the ‘Server Key exchange message’ is omitted from a TLS handshake in OpenSSL 0.9.8f and OpenSSL 0.9.8g. If a client connects to a malicious server with particular cipher suites, the server could cause the client to crash. Found by...

AI score: 8.2 | EPSS: 0.05
Exploits: 1 | Affected Software: 1

OpenSSL
added 2008/05/28 12:0 a.m. | 38 views

Vulnerability in OpenSSL CVE-2008-0891

Testing using the Codenomicon TLS test suite discovered a flaw in the handling of server name extension data in OpenSSL 0.9.8f and OpenSSL 0.9.8g. If OpenSSL has been compiled using the non-default TLS server name extensions, a remote attacker could send a carefully crafted packet to a server...

AI score: 8.2 | EPSS: 0.04559
Exploits: 1 | Affected Software: 1

OpenSSL
added 2007/11/29 12:0 a.m. | 28 views

Vulnerability in OpenSSL CVE-2007-5502

The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes it easier for attackers to bypass protection mechanisms that rely on the randomness. Found by Geof...

AI score: 6.2 | EPSS: 0.02312
Exploits: 0 | Affected Software: 1

OpenSSL
added 2007/10/12 12:0 a.m. | 44 views

Vulnerability in OpenSSL CVE-2007-5135

A flaw was found in the SSL_get_shared_ciphers utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer with a single byte. Few applications make use of this vulnerable function and generally it is used only when applications are...

AI score: 7.6 | EPSS: 0.16061
Exploits: 0 | Affected Software: 1

OpenSSL
added 2007/10/12 12:0 a.m. | 34 views

Vulnerability in OpenSSL CVE-2007-4995

A flaw in DTLS support. An attacker could create a malicious client or server that could trigger a heap overflow. This is possibly exploitable to run arbitrary code, but it has not been verified. Found by Andy Polyakov...

AI score: 7.2 | EPSS: 0.11164
Exploits: 1 | Affected Software: 1

OpenSSL
added 2006/09/28 12:0 a.m. | 35 views

Vulnerability in OpenSSL CVE-2006-2937

During the parsing of certain invalid ASN.1 structures an error condition is mishandled. This can result in an infinite loop which consumes system memory. Found by openssl...

AI score: 8.7 | EPSS: 0.10363
Exploits: 1 | Affected Software: 1

OpenSSL
added 2006/09/28 12:0 a.m. | 25 views

Vulnerability in OpenSSL - SSLv2 Client Crash

A flaw in the SSLv2 client code was discovered. When a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. Found by openssl...

AI score: 8.5 | EPSS: 0.16994
Exploits: 10 | Affected Software: 1

OpenSSL
added 2006/09/28 12:0 a.m. | 61 views

Vulnerability in OpenSSL - SSL_get_shared_ciphers() buffer overflow

A buffer overflow was discovered in the SSL_get_shared_ciphers utility function. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer. Found by openssl...

AI score: 7.3 | EPSS: 0.47694
Exploits: 1 | Affected Software: 1

OpenSSL
added 2006/09/28 12:0 a.m. | 28 views

Vulnerability in OpenSSL CVE-2006-2940

Certain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack. Found by openssl...

AI score: 8.3 | EPSS: 0.04778
Exploits: 1 | Affected Software: 1

OpenSSL
added 2006/09/05 12:0 a.m. | 36 views

Vulnerability in OpenSSL - RSA Signature Forgery

Daniel Bleichenbacher discovered an attack on PKCS #1 v1.5 signatures where under certain circumstances it may be possible for an attacker to forge a PKCS #1 v1.5 signature that would be incorrectly verified by OpenSSL. Found by openssl...

AI score: 7.1 | EPSS: 0.04894
Exploits: 1 | Affected Software: 1

OpenSSL
added 2005/10/11 12:0 a.m. | 44 views

Vulnerability in OpenSSL CVE-2005-2969

A deprecated option, SSL_OP_MSIE_SSLV2_RSA_PADDING, could allow an attacker acting as a “man in the middle” to force a connection to downgrade to SSL 2.0 even if both parties support better protocols. Found by researcher...

AI score: 5.5 | EPSS: 0.04866
Exploits: 0 | Affected Software: 1

OpenSSL
added 2004/09/30 12:0 a.m. | 41 views

Vulnerability in OpenSSL CVE-2004-0975

The der_chop script created temporary files insecurely which could allow local users to overwrite files via a symlink attack on temporary files. Note that it is quite unlikely that a user would be using the redundant der_chop script, and this script was removed from the OpenSSL distribution...

AI score: 5.3 | EPSS: 0.00415
Exploits: 0 | Affected Software: 1

OpenSSL
added 2004/03/17 12:0 a.m. | 48 views

Vulnerability in OpenSSL CVE-2004-0112

A flaw in SSL/TLS handshaking code when using Kerberos ciphersuites. A remote attacker could perform a carefully crafted SSL/TLS handshake against a server configured to use Kerberos ciphersuites in such a way as to cause OpenSSL to crash. Most applications have no ability to use Kerberos...

AI score: 7.3 | EPSS: 0.10424
Exploits: 0 | Affected Software: 1

OpenSSL
added 2004/03/17 12:0 a.m. | 61 views

Vulnerability in OpenSSL CVE-2004-0081

The Codenomicon TLS Test Tool found that some unknown message types were handled incorrectly, allowing a remote attacker to cause a denial of service (infinite loop). Found by OpenSSL group...

AI score: 7.3 | EPSS: 0.07229
Exploits: 0 | Affected Software: 1

OpenSSL
added 2004/03/17 12:0 a.m. | 34 views

Vulnerability in OpenSSL CVE-2004-0079

The Codenomicon TLS Test Tool uncovered a null-pointer assignment in the do_change_cipher_spec function. A remote attacker could perform a carefully crafted SSL/TLS handshake against a server that used the OpenSSL library in such a way as to cause a crash. Found by OpenSSL group...

AI score: 7.2 | EPSS: 0.09537
Exploits: 0 | Affected Software: 1

OpenSSL
added 2003/11/04 12:0 a.m. | 39 views

Vulnerability in OpenSSL CVE-2003-0851

A flaw present only in OpenSSL 0.9.6k would cause certain ASN.1 sequences to trigger a large recursion. On platforms such as Windows this large recursion cannot be handled correctly and so the bug causes OpenSSL to crash. A remote attacker could exploit this flaw if they can send arbitrary ASN.1 sequence...

AI score: 7.4 | EPSS: 0.05407
Exploits: 0 | Affected Software: 1

OpenSSL
added 2003/09/30 12:0 a.m. | 33 views

Vulnerability in OpenSSL CVE-2003-0545

Certain ASN.1 encodings that were rejected as invalid by the parser could trigger a bug in the deallocation of the corresponding data structure, corrupting the stack, leading to a crash. Found by NISCC...

AI score: 9.2 | EPSS: 0.85449
Exploits: 0 | Affected Software: 1

OpenSSL
added 2003/09/30 12:0 a.m. | 43 views

Vulnerability in OpenSSL CVE-2003-0544

Incorrect tracking of the number of characters in certain ASN.1 inputs could allow remote attackers to cause a denial of service (crash) by sending an SSL client certificate that causes OpenSSL to read past the end of a buffer when the long form is used. Found by NISCC...

AI score: 9.1 | EPSS: 0.06173
Exploits: 0 | Affected Software: 1

OpenSSL
added 2003/09/30 12:0 a.m. | 55 views

Vulnerability in OpenSSL CVE-2003-0543

An integer overflow could allow remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values. Found by NISCC...

AI score: 9.2 | EPSS: 0.24647
Exploits: 0 | Affected Software: 1

OpenSSL
added 2003/03/19 12:0 a.m. | 43 views

Vulnerability in OpenSSL CVE-2003-0131

The SSL and TLS components allowed remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that caused OpenSSL to leak information regarding the relationship between...

AI score: 8.9 | EPSS: 0.0628
Exploits: 0 | Affected Software: 1

OpenSSL
added 2003/03/14 12:0 a.m. | 38 views

Vulnerability in OpenSSL CVE-2003-0147

RSA blinding was not enabled by default, which could allow local and remote attackers to obtain a server’s private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms...

AI score: 9 | EPSS: 0.06393
Exploits: 0 | Affected Software: 1

OpenSSL
added 2003/02/19 12:0 a.m. | 33 views

Vulnerability in OpenSSL CVE-2003-0078

ssl3_get_record in s3_pkt.c did not perform a MAC computation if an incorrect block cipher padding was used, causing an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading...

AI score: 9.2 | EPSS: 0.13718
Exploits: 0 | Affected Software: 1

OpenSSL
added 2002/08/08 12:0 a.m. | 32 views

Vulnerability in OpenSSL CVE-2002-1568

The use of assertions when detecting buffer overflow attacks allowed remote attackers to cause a denial of service (crash) by sending certain messages to cause OpenSSL to abort from a failed assertion, as demonstrated using SSLv2 CLIENT_MASTER_KEY messages, which were not properly handled in s2_srvr.c...

AI score: 7.5 | EPSS: 0.02733
Exploits: 0 | Affected Software: 1

OpenSSL
added 2002/07/30 12:0 a.m. | 29 views

Vulnerability in OpenSSL CVE-2002-0657

A buffer overflow when Kerberos is enabled allowed attackers to execute arbitrary code by sending a long master key. Note that this flaw did not affect any released version of 0.9.6 or 0.9.7. Found by OpenSSL Group A.L. Digital...

AI score: 9.7 | EPSS: 0.09232
Exploits: 0 | Affected Software: 1

OpenSSL
added 2002/07/30 12:0 a.m. | 141 views

Vulnerability in OpenSSL CVE-2002-0656

A buffer overflow allowed remote attackers to execute arbitrary code by sending a large client master key in SSL2 or a large session ID in SSL3. Found by OpenSSL Group A.L. Digital...

AI score: 9.7 | EPSS: 0.8982
Exploits: 2 | Affected Software: 1

OpenSSL
added 2002/07/30 12:0 a.m. | 44 views

Vulnerability in OpenSSL CVE-2002-0655

Improper handling of ASCII representations of integers on 64-bit platforms allowed remote attackers to cause a denial of service or possibly execute arbitrary code. Found by OpenSSL Group A.L. Digital...

AI score: 9.7 | EPSS: 0.08169
Exploits: 0 | Affected Software: 1

OpenSSL
added 2002/07/30 12:0 a.m. | 74 views

Vulnerability in OpenSSL CVE-2002-0659

A flaw in the ASN1 library allowed remote attackers to cause a denial of service by sending invalid encodings...

AI score: 8.1 | EPSS: 0.36039
Exploits: 1 | Affected Software: 1

Total number of security vulnerabilities: 228