Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:19365
HistoryMar 30, 2010 - 12:00 a.m.

OpenSSL TLS连接记录处理拒绝服务漏洞

2010-03-3000:00:00
Root
www.seebug.org
17

0.96 High

EPSS

Percentile

99.3%

JSON

CVE ID: CVE-2010-0740

OpenSSL是一种开放源码的SSL实现,用来实现网络通信的高强度加密,现在被广泛地用于各种网络应用程序中。

在TLS连接中,某些错误格式的小版本号记录可能会在OpenSSL的ssl/s3_pkt.c文件的ssl3_get_record函数中触发空指针引用,导致拒绝服务的情况。

OpenSSL Project OpenSSL 0.9.8f - 0.9.8m
厂商补丁:

OpenSSL Project

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://www.openssl.org/news/secadv_20100324.txt

Related

f5 2
nessus 13
exploitpack 1
seebug 1
checkpoint_advisories 2
prion 1
cve 1
intel 1
ubuntucve 1
openvas 25
debiancve 1
openssl 1
exploitdb 1
altlinux 4
slackware 1
securityvulns 4
fedora 4
gentoo 1
f5
f5
K11533 : OpenSSL vulnerability CVE-2010-0740
2013-07-03 00:00:00
SOL11533 - OpenSSL vulnerability CVE-2010-0740
2010-05-31 00:00:00
nessus
nessus
F5 Networks BIG-IP : OpenSSL vulnerability (SOL11533)
2014-10-10 00:00:00
OpenSSL < 0.9.8n Multiple Vulnerabilities
2010-03-26 00:00:00
OpenSSL < 0.9.8n Multiple Vulnerabilities
2010-03-26 00:00:00
exploitpack
exploitpack
OpenSSL - Remote Denial of Service
2010-04-22 00:00:00
seebug
seebug
OpenSSL - Remote DoS
2014-07-01 00:00:00
checkpoint_advisories
checkpoint_advisories
OpenSSL TLS Connection Record Handling Denial of Service - Ver2 (CVE-2010-0740)
2014-12-28 00:00:00
OpenSSL TLS Connection Record Handling Denial of Service (CVE-2010-0740)
2010-05-16 00:00:00
prion
prion
Null pointer dereference
2010-03-26 18:30:00
cve
cve
CVE-2010-0740
2010-03-26 18:30:00
intel
intel
OpenSSL* vulnerability – Software Development Tools for Intel® Active Management Technology (Intel® AMT)
2010-07-20 00:00:00
ubuntucve
ubuntucve
CVE-2010-0740
2010-03-26 00:00:00
openvas
openvas
OpenSSL 'ssl3_get_record()' Remote Denial of Service Vulnerability
2010-04-20 00:00:00
Slackware Advisory SSA:2010-090-01 openssl
2012-09-11 00:00:00
Slackware: Security Advisory (SSA:2010-090-01)
2012-09-10 00:00:00
debiancve
debiancve
CVE-2010-0740
2010-03-26 18:30:00
openssl
openssl
Vulnerability in OpenSSL CVE-2010-0740
2010-03-24 00:00:00
exploitdb
exploitdb
OpenSSL - Remote Denial of Service
2010-04-22 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package openssl10 version 0.9.8n-alt1
2010-03-25 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 0.9.8n-alt1
2010-03-25 00:00:00
Security fix for the ALT Linux 9 package openssl10 version 0.9.8n-alt1
2010-03-25 00:00:00
slackware
slackware
[slackware-security] openssl
2010-03-31 21:03:53
securityvulns
securityvulns
OpenSSL DoS confitions
2010-04-22 00:00:00
[ MDVSA-2010:076-1 ] openssl
2010-04-22 00:00:00
Apple Mac OS X multiple security vulnerabilities
2011-07-06 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: openssl-1.0.0-1.fc13
2010-04-09 03:42:47
[SECURITY] Fedora 12 Update: openssl-1.0.0-4.fc12
2010-05-25 18:42:18
[SECURITY] Fedora 11 Update: openssl-0.9.8n-1.fc11
2010-04-16 23:49:46
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2011-10-09 00:00:00

0.96 High

EPSS

Percentile

99.3%

JSON
Related for SSV:19365
f52nessus13exploitpack1seebug1checkpoint_advisories2prion1cve1intel1ubuntucve1openvas25debiancve1openssl1exploitdb1altlinux4slackware1securityvulns4fedora4gentoo1