Lucene search
Ubuntu.comUB:CVE-2015-1787HistoryMar 19, 2015 - 12:00 a.m.
CVE-2015-1787
2015-03-1900:00:00
ubuntu.com
ubuntu.com
9
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:N/A:P
0.208 Low
EPSS
Percentile
96.3%
The ssl3_get_client_key_exchange function in s3_srvr.c in OpenSSL 1.0.2
before 1.0.2a, when client authentication and an ephemeral Diffie-Hellman
ciphersuite are enabled, allows remote attackers to cause a denial of
service (daemon crash) via a ClientKeyExchange message with a length of
zero.
Notes
| Author | Note |
|---|---|
| mdeslaur | 1.0.2 only |
Related
checkpoint_advisories
checkpoint_advisories
OpenSSL DHE Client Key Exchange Denial of Service (CVE-2015-1787)
2015-05-13 00:00:00
veracode
veracode
Denial Of Service (DoS)
2017-02-10 05:22:24
openssl
openssl
Vulnerability in OpenSSL CVE-2015-1787
2015-03-19 00:00:00
prion
prion
Authentication flaw
2015-03-19 22:59:00
Authentication flaw
2015-08-20 10:59:00
cve
cve
CVE-2015-1787
2015-03-19 22:59:00
CVE-2015-0536
2015-08-20 10:59:00
debiancve
debiancve
CVE-2015-1787
2015-03-19 22:59:00
nessus
nessus
OpenSSL < 1.0.2a Multiple Vulnerabilities
2015-03-19 00:00:00
stunnel < 5.12 OpenSSL Multiple Vulnerabilities
2015-03-25 00:00:00
OpenSSL 1.0.2 < 1.0.2a Multiple Vulnerabilities
2015-03-27 00:00:00
f5
f5
openvas
openvas
OpenSSL Multiple Vulnerabilities (20150319 - 2) - Windows
2015-11-24 00:00:00
OpenSSL Multiple Vulnerabilities (20150319 - 2) - Linux
2015-11-24 00:00:00
Gentoo Security Advisory GLSA 201503-11
2015-09-29 00:00:00
ibm
ibm
securityvulns
securityvulns
archlinux
archlinux
lib32-openssl: multiple issues
2015-03-19 00:00:00
openssl: multiple issues
2015-03-19 00:00:00
fortinet
fortinet
OpenSSL vulnerabilities - March 2015
2015-03-24 00:00:00
cisco
cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
2015-03-20 20:20:00
kaspersky
kaspersky
KLA10479 Multiple vulnerabilities in OpenSSL
2015-03-19 00:00:00
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2015-03-19 00:00:00
ics
ics
Rockwell Automation Stratix 5900
2017-05-10 12:00:00
Siemens SCALANCE X-200RNA Switch Devices
2022-12-19 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2015
2015-10-20 00:00:00
Oracle Critical Patch Update Advisory - July 2015
2015-07-14 00:00:00
Oracle Critical Patch Update - January 2016
2016-01-19 00:00:00
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:N/A:P
0.208 Low
EPSS
Percentile
96.3%
Related for UB:CVE-2015-1787