Lucene search

K
ubuntuUbuntuUSN-1018-1
HistoryNov 18, 2010 - 12:00 a.m.

OpenSSL vulnerability

2010-11-1800:00:00
ubuntu.com
34

9.8 High

AI Score

Confidence

High

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.335 Low

EPSS

Percentile

97.0%

Releases

  • Ubuntu 10.10
  • Ubuntu 10.04
  • Ubuntu 9.10
  • Ubuntu 8.04

Packages

  • openssl -

Details

Rob Hulswit discovered a race condition in the OpenSSL TLS server
extension parsing code when used within a threaded server. A remote
attacker could trigger this flaw to cause a denial of service
or possibly execute arbitrary code with application privileges.
(CVE-2010-3864)

OSVersionArchitecturePackageVersionFilename
Ubuntu9.10noarchlibssl0.9.8< 0.9.8g-16ubuntu3.4UNKNOWN
Ubuntu9.10noarchlibcrypto0.9.8-udeb< 0.9.8g-16ubuntu3.4UNKNOWN
Ubuntu9.10noarchlibssl-dev< 0.9.8g-16ubuntu3.4UNKNOWN
Ubuntu9.10noarchlibssl0.9.8-dbg< 0.9.8g-16ubuntu3.4UNKNOWN
Ubuntu9.10noarchopenssl< 0.9.8g-16ubuntu3.4UNKNOWN
Ubuntu8.04noarchlibssl0.9.8< 0.9.8g-4ubuntu3.12UNKNOWN
Ubuntu8.04noarchlibcrypto0.9.8-udeb< 0.9.8g-4ubuntu3.12UNKNOWN
Ubuntu8.04noarchlibssl-dev< 0.9.8g-4ubuntu3.12UNKNOWN
Ubuntu8.04noarchlibssl0.9.8-dbg< 0.9.8g-4ubuntu3.12UNKNOWN
Ubuntu8.04noarchopenssl< 0.9.8g-4ubuntu3.12UNKNOWN
Rows per page:
1-10 of 221

9.8 High

AI Score

Confidence

High

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.335 Low

EPSS

Percentile

97.0%