logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2011-4576

Description

The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer.


Affected Package


OS OS Version Package Name Package Version
ubuntu 10.04 openssl 0.9.8k-7ubuntu8.8
ubuntu 10.10 openssl 0.9.8o-1ubuntu4.6
ubuntu 11.04 openssl 0.9.8o-5ubuntu1.2
ubuntu 11.10 openssl 1.0.0e-2ubuntu4.2
ubuntu upstream openssl 0.9.8s,1.0.0f
ubuntu 11.10 openssl098 0.9.8o-7ubuntu1.2
ubuntu upstream openssl098 0.9.8s

Related