logo
DATABASE RESOURCES PRICING ABOUT US

Information Disclosure

Description

openssl is vulnerable to information disclosure. It was discovered that the Datagram Transport Layer Security (DTLS) protocol implementation in OpenSSL leaked timing information when performing certain operations. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a DTLS server as a padding oracle.


Affected Software


CPE Name Name Version
openssl 0.9.8b__10.el5
openssl 1.0.0__10.el6
openssl 1.0.0__4.el6
openssl 0.9.8e__12.el5_4.1
openssl 1.0.0__4.el6_0.1
openssl 0.9.8b__8.3.el5_0.2
openssl 0.9.8e__12.el5_4.6
openssl 1.0.0__10.el6_1.4
openssl 1.0.0__4.el6_0.2
openssl 1.0.0__10.el6_1.5
openssl 0.9.8b__8.3.el5
openssl 0.9.8e__12.el5
openssl 0.9.8e__12.el5_5.7
openssl 0.9.8b__10.el5_2.1
openssl 0.9.8e__7.el5
openssl 0.9.8b__10.el5
openssl 1.0.0__10.el6
openssl 1.0.0__4.el6
openssl 0.9.8e__12.el5_4.1
openssl 1.0.0__4.el6_0.1
openssl 0.9.8b__8.3.el5_0.2
openssl 0.9.8e__12.el5_4.6
openssl 1.0.0__10.el6_1.4
openssl 1.0.0__4.el6_0.2
openssl 1.0.0__10.el6_1.5
openssl 0.9.8b__8.3.el5
openssl 0.9.8e__12.el5
openssl 0.9.8e__12.el5_5.7
openssl 0.9.8b__10.el5_2.1
openssl 0.9.8e__7.el5

Related