8.2 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.955 High
EPSS
Percentile
99.4%
It was discovered that OpenSSL incorrectly handled return codes from the
bn_wexpand function calls. A remote attacker could trigger this flaw in
services that used SSL to cause a denial of service or possibly execute
arbitrary code with application privileges. This issue only affected Ubuntu
6.06 LTS, 8.04 LTS, 9.04 and 9.10. (CVE-2009-3245)
It was discovered that OpenSSL incorrectly handled certain private keys
with an invalid prime. A remote attacker could trigger this flaw in
services that used SSL to cause a denial of service or possibly execute
arbitrary code with application privileges. The default compiler options
for affected releases should reduce the vulnerability to a denial of
service. (CVE-2010-2939)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 9.10 | noarch | libssl0.9.8 | <ย 0.9.8g-16ubuntu3.3 | UNKNOWN |
Ubuntu | 9.10 | noarch | libcrypto0.9.8-udeb | <ย 0.9.8g-16ubuntu3.3 | UNKNOWN |
Ubuntu | 9.10 | noarch | libssl-dev | <ย 0.9.8g-16ubuntu3.3 | UNKNOWN |
Ubuntu | 9.10 | noarch | libssl0.9.8-dbg | <ย 0.9.8g-16ubuntu3.3 | UNKNOWN |
Ubuntu | 9.10 | noarch | openssl | <ย 0.9.8g-16ubuntu3.3 | UNKNOWN |
Ubuntu | 9.04 | noarch | libssl0.9.8 | <ย 0.9.8g-15ubuntu3.6 | UNKNOWN |
Ubuntu | 9.04 | noarch | libcrypto0.9.8-udeb | <ย 0.9.8g-15ubuntu3.6 | UNKNOWN |
Ubuntu | 9.04 | noarch | libssl-dev | <ย 0.9.8g-15ubuntu3.6 | UNKNOWN |
Ubuntu | 9.04 | noarch | libssl0.9.8-dbg | <ย 0.9.8g-15ubuntu3.6 | UNKNOWN |
Ubuntu | 9.04 | noarch | openssl | <ย 0.9.8g-15ubuntu3.6 | UNKNOWN |