Openssl Security Vulnerabilities and Issues — Openssl CVE List

Lucene search

OpensslOpenssl

3 matches found

CVE•added 2008/05/13 5:20 p.m.•448 views

CVE-2008-0166

OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys.

7.8CVSS6.3AI score0.06086EPSS

CVE•added 2008/05/29 4:32 p.m.•78 views

CVE-2008-0891

Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet. NOTE: some of these details are obtained from third party information.

4.3CVSS8.1AI score0.13977EPSS

CVE•added 2008/05/29 4:32 p.m.•67 views

CVE-2008-1672

OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of service (crash) via a TLS handshake that omits the Server Key Exchange message and uses "particular cipher suites," which triggers a NULL pointer dereference.

4.3CVSS8.1AI score0.22012EPSS