Lucene search
Ubuntu.comUB:CVE-2007-5135HistorySep 27, 2007 - 12:00 a.m.
CVE-2007-5135
2007-09-2700:00:00
ubuntu.com
ubuntu.com
11
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.576 Medium
EPSS
Percentile
97.7%
Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up
to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute
arbitrary code via a crafted packet that triggers a one-byte buffer
underflow. NOTE: this issue was introduced as a result of a fix for
CVE-2006-3738. As of 20071012, it is unknown whether code execution is
possible.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 6.06 | noarch | openssl | < 0.9.8a-7ubuntu0.4 | UNKNOWN |
| ubuntu | 6.10 | noarch | openssl | < 0.9.8b-2ubuntu2.1 | UNKNOWN |
| ubuntu | 7.04 | noarch | openssl | < 0.9.8c-4ubuntu0.1 | UNKNOWN |
| ubuntu | 7.10 | noarch | openssl | < 0.9.8e-5ubuntu2 | UNKNOWN |
| ubuntu | 8.04 | noarch | openssl | < 0.9.8e-5ubuntu2 | UNKNOWN |
| ubuntu | 8.10 | noarch | openssl | < 0.9.8e-5ubuntu2 | UNKNOWN |
| ubuntu | 9.04 | noarch | openssl | < 0.9.8e-5ubuntu2 | UNKNOWN |
| ubuntu | 9.10 | noarch | openssl | < 0.9.8e-5ubuntu2 | UNKNOWN |
Related
prion
prion
Buffer overflow
2007-09-27 20:17:00
cve
cve
CVE-2007-5135
2007-09-27 20:17:00
CVE-2006-3738
2006-09-28 18:07:00
checkpoint_advisories
checkpoint_advisories
debiancve
debiancve
CVE-2007-5135
2007-09-27 20:17:00
CVE-2006-3738
2006-09-28 18:07:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-07:08.openssl
2007-10-03 00:00:00
FreeBSD-SA-06:23.openssl
2006-09-28 00:00:00
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2007-10-07 00:00:00
AMD64 x86 emulation base libraries: OpenSSL multiple vulnerabilities
2006-12-11 00:00:00
OpenSSL: Multiple vulnerabilities
2006-10-24 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : openssl (MDKSA-2007:193)
2007-10-09 00:00:00
GLSA-200710-06 : OpenSSL: Multiple vulnerabilities
2007-10-09 00:00:00
SuSE 10 Security Update : compat-openssl097g (ZYPP Patch Number 5055)
2008-03-07 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200710-06 (openssl)
2008-09-24 00:00:00
FreeBSD Security Advisory (FreeBSD-SA-07:08.openssl.asc)
2008-09-04 00:00:00
HP-UX Update for Apache HPSBUX02292
2009-05-05 00:00:00
checkpoint_security
checkpoint_security
OpenSSLVulnerability CVE-2007-5135 on IPSO 4.2
2008-08-04 21:00:00
Check Point response to OpenSSL vulnerability CVE-2007-5135
2007-10-15 22:00:00
Check Point response to OpenSSL vulnerability CVE-2006-3738
2007-10-27 22:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package openssl10 version 0.9.8d-alt4
2007-10-10 00:00:00
Security fix for the ALT Linux 9 package openssl10 version 0.9.8d-alt4
2007-10-10 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 0.9.8d-alt4
2007-10-10 00:00:00
osv
osv
openssl - arbitrary code execution
2007-10-02 00:00:00
openssl096
2006-10-10 00:00:00
openssl
2006-09-28 00:00:00
debian
debian
[SECURITY] [DSA 1379-1] New openssl packages fix arbitrary code execution
2007-10-02 20:06:48
[SECURITY] [DSA 1379-1] New openssl packages fix arbitrary code execution
2007-10-02 20:06:48
[SECURITY] [DSA 1379-2] New openssl packages fix arbitrary code execution
2007-10-10 17:59:21
f5
f5
SOL8106 - OpenSSL SSL_get_shared_ciphers vulnerability CVE-2007-5135
2007-11-15 00:00:00
K8106 : OpenSSL SSL_get_shared_ciphers vulnerability CVE-2007-5135
2013-03-27 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2007-5135
2007-10-12 00:00:00
Vulnerability in OpenSSL CVE-2006-3738
2006-09-28 00:00:00
ubuntucve
ubuntucve
CVE-2006-3738
2006-09-28 00:00:00
redhat
redhat
(RHSA-2007:0813) Moderate: openssl security update
2007-10-22 00:00:00
(RHSA-2007:1003) Moderate: openssl security and bug fix update
2007-11-15 00:00:00
(RHSA-2007:0964) Important: openssl security update
2007-10-12 00:00:00
oraclelinux
oraclelinux
Moderate: openssl security update
2007-10-22 00:00:00
openssl security and bug fix update
2007-11-27 00:00:00
Important: openssl security update
2007-10-12 00:00:00
centos
centos
openssl security update
2007-10-22 12:29:21
openssl security update
2007-10-23 23:23:09
openssl security update
2007-11-15 15:53:13
fedora
fedora
[SECURITY] Fedora Core 6 Update: openssl-0.9.8b-15.fc6
2007-10-15 20:05:56
[SECURITY] Fedora 7 Update: openssl-0.9.8b-15.fc7
2007-10-18 02:26:18
ubuntu
ubuntu
openssl vulnerabilities
2007-09-28 00:00:00
openssl vulnerabilities
2006-09-29 00:00:00
securityvulns
securityvulns
suse
suse
remote denial of service in openssl
2006-09-28 16:40:53
slackware
slackware
[slackware-security] openssl
2006-09-29 07:57:13
freebsd
freebsd
OpenSSL -- Multiple problems in crypto(3)
2006-09-28 00:00:00
vmware
vmware
Updated ESX packages for OpenSSL, net-snmp, perl
2008-08-12 00:00:00
Updated ESX packages for OpenSSL, net-snmp, perl
2008-08-12 00:00:00
Updated service console patches.
2008-01-07 00:00:00
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.576 Medium
EPSS
Percentile
97.7%
Related for UB:CVE-2007-5135