Lucene search

K
ubuntuUbuntuUSN-750-1
HistoryMar 30, 2009 - 12:00 a.m.

OpenSSL vulnerability

2009-03-3000:00:00
ubuntu.com
31

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

7.7

Confidence

High

EPSS

0.271

Percentile

96.8%

Releases

  • Ubuntu 8.10
  • Ubuntu 8.04
  • Ubuntu 7.10
  • Ubuntu 6.06

Packages

  • openssl -

Details

It was discovered that OpenSSL did not properly validate the length of an
encoded BMPString or UniversalString when printing ASN.1 strings. If a user
or automated system were tricked into processing a crafted certificate, an
attacker could cause a denial of service via application crash in
applications linked against OpenSSL.

OSVersionArchitecturePackageVersionFilename
Ubuntu8.10noarchlibssl0.9.8< 0.9.8g-10.1ubuntu2.2UNKNOWN
Ubuntu8.10noarchlibcrypto0.9.8-udeb< 0.9.8g-10.1ubuntu2.2UNKNOWN
Ubuntu8.10noarchlibssl-dev< 0.9.8g-10.1ubuntu2.2UNKNOWN
Ubuntu8.10noarchlibssl0.9.8< dbg-0.9.8g-10.1ubuntu2.2UNKNOWN
Ubuntu8.10noarchopenssl< 0.9.8g-10.1ubuntu2.2UNKNOWN
Ubuntu8.04noarchlibssl0.9.8< 0.9.8g-4ubuntu3.5UNKNOWN
Ubuntu8.04noarchlibcrypto0.9.8-udeb< 0.9.8g-4ubuntu3.5UNKNOWN
Ubuntu8.04noarchlibssl-dev< 0.9.8g-4ubuntu3.5UNKNOWN
Ubuntu8.04noarchlibssl0.9.8-dbg< 0.9.8g-4ubuntu3.5UNKNOWN
Ubuntu8.04noarchopenssl< 0.9.8g-4ubuntu3.5UNKNOWN
Rows per page:
1-10 of 201

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

7.7

Confidence

High

EPSS

0.271

Percentile

96.8%