Lucene search
RootSSV:11378HistoryMay 21, 2009 - 12:00 a.m.
OpenSSL DTLS报文多个拒绝服务漏洞
2009-05-2100:00:00
Root
www.seebug.org
140
0.053 Low
EPSS
Percentile
92.2%
Bugraq ID: 35001
CVE ID:CVE-2009-1378
CVE-2009-1377
CNCVE ID:CNCVE-20091378
CNCVE-20091377
OpenSSL是一款开放源码的SSL实现,用来实现网络通信的高强度加密。
OpenSSL存在多个漏洞,远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。
-OpenSSL库没有正确限制缓冲DTLS记录的数值,提交特殊构建的DTLS报文可导致消耗所有内存。
-处理DTLS消息时存在错误,通过发送大量乱序的握手消息可消耗大量内容。
OpenSSL Project OpenSSL 0.9.8 k
OpenSSL Project OpenSSL 0.9.8 j
OpenSSL Project OpenSSL 0.9.8 i
OpenSSL Project OpenSSL 0.9.8 h
OpenSSL Project OpenSSL 0.9.8 e
OpenSSL Project OpenSSL 0.9.8 d
OpenSSL Project OpenSSL 0.9.8 c
OpenSSL Project OpenSSL 0.9.8 b
OpenSSL Project OpenSSL 0.9.8 a
OpenSSL Project OpenSSL 0.9.8
- Gentoo Linux
OpenSSL Project OpenSSL 0.9.8g
OpenSSL Project OpenSSL 0.9.8f
OpenSSL Project OpenSSL 0.9.8 f
CVS库已经修补此漏洞:
<a href=“http://cvs.openssl.org/chngview?cn=18187” target=“_blank”>http://cvs.openssl.org/chngview?cn=18187</a>
<a href=“http://cvs.openssl.org/chngview?cn=18188” target=“_blank”>http://cvs.openssl.org/chngview?cn=18188</a>
Related
openvas
openvas
Mandrake Security Advisory MDVSA-2009:120 (openssl)
2009-06-05 00:00:00
Mandrake Security Advisory MDVSA-2009:120 (openssl)
2009-06-05 00:00:00
FreeBSD Ports: opensll
2009-06-05 00:00:00
nessus
nessus
FreeBSD : openssl -- denial of service in DTLS implementation (82b55df8-4d5a-11de-8811-0030843d3802)
2009-06-01 00:00:00
Mandriva Linux Security Advisory : openssl (MDVSA-2009:120)
2009-05-22 00:00:00
Fedora 10 : openssl-0.9.8g-14.fc10 (2009-5412)
2009-06-21 00:00:00
freebsd
freebsd
openssl -- denial of service in DTLS implementation
2009-05-18 00:00:00
securityvulns
securityvulns
[ MDVSA-2009:120 ] openssl
2009-05-21 00:00:00
OpenSSL multiple security vulnerabilities
2009-05-21 00:00:00
[USN-792-1] OpenSSL vulnerabilities
2009-06-25 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package openssl10 version 0.9.8k-alt2
2009-05-21 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 0.9.8k-alt2
2009-05-21 00:00:00
Security fix for the ALT Linux 8 package openssl10 version 0.9.8k-alt2
2009-05-21 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: openssl-0.9.8k-5.fc11
2009-06-19 13:42:48
[SECURITY] Fedora 10 Update: openssl-0.9.8g-14.fc10
2009-06-19 13:35:27
[SECURITY] Fedora 9 Update: openssl-0.9.8g-9.14.fc9
2009-06-19 13:40:57
ubuntu
ubuntu
OpenSSL vulnerabilities
2009-06-25 00:00:00
exploitpack
exploitpack
OpenSSL 0.9.8k1.0.0-beta2 - DTLS Remote Memory Exhaustion Denial of Service
2009-05-18 00:00:00
OpenSSL 0.9.8i - DTLS ChangeCipherSpec Remote Denial of Service
2009-06-04 00:00:00
f5
f5
SOL15359 - OpenSSL vulnerability CVE-2009-1378
2014-06-19 00:00:00
SOL15366 - OpenSSL DTLS vulnerability CVE-2009-1377
2014-06-25 00:00:00
K15359 : OpenSSL vulnerability CVE-2009-1378
2014-06-19 00:00:00
debiancve
debiancve
CVE-2009-1378
2009-05-19 19:30:00
CVE-2009-1377
2009-05-19 19:30:00
osv
osv
openssl - cryptographic weakness
2009-09-15 00:00:00
seebug
seebug
OpenSSL <= 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS
2009-05-19 00:00:00
OpenSSL <= 0.9.8k 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS
2009-05-18 00:00:00
OpenSSL <= 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS
2014-07-01 00:00:00
cve
cve
CVE-2009-1378
2009-05-19 19:30:00
CVE-2009-1377
2009-05-19 19:30:00
prion
prion
Memory corruption
2009-05-19 19:30:00
Design/Logic Flaw
2009-05-19 19:30:00
ubuntucve
ubuntucve
CVE-2009-1378
2009-05-19 00:00:00
CVE-2009-1377
2009-05-19 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:41:59
Denial Of Service (DoS)
2020-04-10 00:42:00
openssl
openssl
Vulnerability in OpenSSL CVE-2009-1377
2009-05-12 00:00:00
Vulnerability in OpenSSL CVE-2009-1378
2009-05-12 00:00:00
debian
debian
[SECURITY] [DSA 1888-1] New openssl packages deprecate MD2 hash signatures
2009-09-15 21:37:22
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2009-12-01 00:00:00
exploitdb
exploitdb
OpenSSL 0.9.8k/1.0.0-beta2 - DTLS Remote Memory Exhaustion Denial of Service
2009-05-18 00:00:00
OpenSSL < 0.9.8i - DTLS ChangeCipherSpec Remote Denial of Service
2009-06-04 00:00:00
oraclelinux
oraclelinux
openssl security, bug fix, and enhancement update
2009-09-08 00:00:00
openssl-fips security update
2015-04-02 00:00:00
openssl security update
2019-03-13 00:00:00
centos
centos
openssl security update
2009-09-15 18:42:01
redhat
redhat
(RHSA-2009:1335) Moderate: openssl security, bug fix, and enhancement update
2009-09-02 09:47:12
vmware
vmware
ESX Service Console and vMA third party updates
2010-03-03 00:00:00
ESX Service Console and vMA third party updates
2010-03-03 00:00:00
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00
lenovo
lenovo
Intel® PROSet/Wireless WiFi Software Vulnerabilities - US
2018-11-13 17:10:51
Intel® PROSet/Wireless WiFi Software Vulnerabilities - Lenovo Support US
2018-11-13 17:10:51