7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.094 Low
EPSS
Percentile
94.6%
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions
allows attackers to cause a denial of service (CPU consumption) via
parasitic public keys with large (1) âpublic exponentâ or (2) âpublic
modulusâ values in X.509 certificates that require extra time to process
when using RSA signature verification.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | openssl | <Â 0.9.8a-7ubuntu0.3 | UNKNOWN |
ubuntu | 6.10 | noarch | openssl | <Â 0.9.8b-2ubuntu2 | UNKNOWN |
ubuntu | 7.04 | noarch | openssl | <Â 0.9.8b-2ubuntu2 | UNKNOWN |
ubuntu | 6.06 | noarch | openssl097 | <Â 0.9.7g-5ubuntu1.1 | UNKNOWN |
ubuntu | 6.10 | noarch | openssl097 | <Â 0.9.7k-3 | UNKNOWN |
ubuntu | 7.04 | noarch | openssl097 | <Â 0.9.7k-3 | UNKNOWN |