logo
DATABASE RESOURCES PRICING ABOUT US

OpenSSL vulnerabilities

Description

## Releases * Ubuntu 12.04 * Ubuntu 11.10 * Ubuntu 11.04 * Ubuntu 10.04 * Ubuntu 8.04 ## Packages * openssl \- Secure Socket Layer (SSL) cryptographic library and tools Ivan Nestlerode discovered that the Cryptographic Message Syntax (CMS) and PKCS #7 implementations in OpenSSL returned early if RSA decryption failed. This could allow an attacker to expose sensitive information via a Million Message Attack (MMA). (CVE-2012-0884) It was discovered that an integer underflow was possible when using TLS 1.1, TLS 1.2, or DTLS with CBC encryption. This could allow a remote attacker to cause a denial of service. (CVE-2012-2333)


Affected Package


OS OS Version Package Name Package Version
Ubuntu 8.04 libssl0.9.8 0.9.8g-4ubuntu3.19
Ubuntu 8.04 openssl 0.9.8g-4ubuntu3.19
Ubuntu 12.04 libssl1.0.0 1.0.1-4ubuntu5.2
Ubuntu 12.04 openssl 1.0.1-4ubuntu5.2
Ubuntu 11.10 libssl1.0.0 1.0.0e-2ubuntu4.6
Ubuntu 11.10 openssl 1.0.0e-2ubuntu4.6
Ubuntu 11.04 libssl0.9.8 0.9.8o-5ubuntu1.7
Ubuntu 11.04 openssl 0.9.8o-5ubuntu1.7
Ubuntu 10.04 libssl0.9.8 0.9.8k-7ubuntu8.13
Ubuntu 10.04 openssl 0.9.8k-7ubuntu8.13

Related