Lucene search
Ubuntu.comUB:CVE-2010-0740HistoryMar 26, 2010 - 12:00 a.m.
CVE-2010-0740
2010-03-2600:00:00
ubuntu.com
ubuntu.com
8
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.956 High
EPSS
Percentile
99.4%
The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through
0.9.8m allows remote attackers to cause a denial of service (crash) via a
malformed record in a TLS connection that triggers a NULL pointer
dereference, related to the minor version number. NOTE: some of these
details are obtained from third party information.
Notes
| Author | Note |
|---|---|
| jdstrand | according to upstream, if โshortโ is a 16-bit integer, this issue applies only to OpenSSL 0.9.8m, otherwise it affects 0.9.8f through 0.9.8m. Confirmed that on all releases of Ubuntu on all architectures that โshortโ is 2 bytes. (8.10/sparc and 10.04/armel could not be checked) |
Related
f5
f5
K11533 : OpenSSL vulnerability CVE-2010-0740
2013-07-03 00:00:00
SOL11533 - OpenSSL vulnerability CVE-2010-0740
2010-05-31 00:00:00
nessus
nessus
F5 Networks BIG-IP : OpenSSL vulnerability (SOL11533)
2014-10-10 00:00:00
OpenSSL < 0.9.8n Multiple Vulnerabilities
2010-03-26 00:00:00
OpenSSL < 0.9.8n Multiple Vulnerabilities
2010-03-26 00:00:00
exploitpack
exploitpack
OpenSSL - Remote Denial of Service
2010-04-22 00:00:00
seebug
seebug
OpenSSL - Remote DoS
2014-07-01 00:00:00
OpenSSL TLS่ฟๆฅ่ฎฐๅฝๅค็ๆ็ปๆๅกๆผๆด
2010-03-30 00:00:00
checkpoint_advisories
checkpoint_advisories
OpenSSL TLS Connection Record Handling Denial of Service (CVE-2010-0740)
2010-05-16 00:00:00
prion
prion
Null pointer dereference
2010-03-26 18:30:00
cve
cve
CVE-2010-0740
2010-03-26 18:30:00
intel
intel
openvas
openvas
OpenSSL 'ssl3_get_record()' Remote Denial of Service Vulnerability
2010-04-20 00:00:00
Slackware Advisory SSA:2010-090-01 openssl
2012-09-11 00:00:00
Slackware: Security Advisory (SSA:2010-090-01)
2012-09-10 00:00:00
debiancve
debiancve
CVE-2010-0740
2010-03-26 18:30:00
openssl
openssl
Vulnerability in OpenSSL CVE-2010-0740
2010-03-24 00:00:00
exploitdb
exploitdb
OpenSSL - Remote Denial of Service
2010-04-22 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package openssl10 version 0.9.8n-alt1
2010-03-25 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 0.9.8n-alt1
2010-03-25 00:00:00
Security fix for the ALT Linux 9 package openssl10 version 0.9.8n-alt1
2010-03-25 00:00:00
slackware
slackware
[slackware-security] openssl
2010-03-31 21:03:53
securityvulns
securityvulns
OpenSSL DoS confitions
2010-04-22 00:00:00
[ MDVSA-2010:076-1 ] openssl
2010-04-22 00:00:00
Apple Mac OS X multiple security vulnerabilities
2011-07-06 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: openssl-1.0.0-1.fc13
2010-04-09 03:42:47
[SECURITY] Fedora 12 Update: openssl-1.0.0-4.fc12
2010-05-25 18:42:18
[SECURITY] Fedora 11 Update: openssl-0.9.8n-1.fc11
2010-04-16 23:49:46
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2011-10-09 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.956 High
EPSS
Percentile
99.4%
Related for UB:CVE-2010-0740