Filtered by vendor Openssl
Subscribe
Total
242 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0078 | 3 Freebsd, Openbsd, Openssl | 3 Freebsd, Openbsd, Openssl | 2016-10-17 | 5.0 MEDIUM | N/A |
ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack." | |||||
CVE-2002-1568 | 1 Openssl | 1 Openssl | 2016-10-17 | 5.0 MEDIUM | N/A |
OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks instead of less severe mechanisms, which allows remote attackers to cause a denial of service (crash) via certain messages that cause OpenSSL to abort from a failed assertion, as demonstrated using SSLv2 CLIENT_MASTER_KEY messages, which are not properly handled in s2_srvr.c. | |||||
CVE-2011-4619 | 1 Openssl | 1 Openssl | 2016-08-22 | 5.0 MEDIUM | N/A |
The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. | |||||
CVE-2011-4576 | 1 Openssl | 1 Openssl | 2016-08-22 | 5.0 MEDIUM | N/A |
The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer. | |||||
CVE-2011-4108 | 1 Openssl | 1 Openssl | 2016-08-22 | 4.3 MEDIUM | N/A |
The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack. | |||||
CVE-2012-0027 | 1 Openssl | 1 Openssl | 2014-03-25 | 5.0 MEDIUM | N/A |
The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service (daemon crash) via crafted data from a TLS client. | |||||
CVE-2011-4577 | 1 Openssl | 1 Openssl | 2014-03-25 | 4.3 MEDIUM | N/A |
OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous System (AS) identifiers. | |||||
CVE-2011-3210 | 1 Openssl | 1 Openssl | 2014-03-25 | 5.0 MEDIUM | N/A |
The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e does not ensure thread safety during processing of handshake messages from clients, which allows remote attackers to cause a denial of service (daemon crash) via out-of-order messages that violate the TLS protocol. | |||||
CVE-2011-3207 | 1 Openssl | 1 Openssl | 2014-03-25 | 5.0 MEDIUM | N/A |
crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past. | |||||
CVE-2011-1945 | 1 Openssl | 1 Openssl | 2013-06-05 | 2.6 LOW | N/A |
The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine private keys via a timing attack and a lattice calculation. | |||||
CVE-2011-4354 | 1 Openssl | 1 Openssl | 2012-11-05 | 5.8 MEDIUM | N/A |
crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves, which allows remote attackers to obtain the private key of a TLS server via multiple handshake attempts. | |||||
CVE-2011-5095 | 1 Openssl | 1 Openssl | 2012-06-20 | 4.0 MEDIUM | N/A |
The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when FIPS mode is enabled, does not properly validate a public parameter, which makes it easier for man-in-the-middle attackers to obtain the shared secret key by modifying network traffic, a related issue to CVE-2011-1923. | |||||
CVE-2008-7270 | 1 Openssl | 1 Openssl | 2012-04-05 | 4.3 MEDIUM | N/A |
OpenSSL before 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the use of a disabled cipher via vectors involving sniffing network traffic to discover a session identifier, a different vulnerability than CVE-2010-4180. | |||||
CVE-2009-3765 | 2 Mutt, Openssl | 2 Mutt, Openssl | 2009-10-28 | 6.8 MEDIUM | N/A |
mutt_ssl.c in mutt 1.5.19 and 1.5.20, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. | |||||
CVE-2009-0653 | 1 Openssl | 1 Openssl | 2009-06-24 | 7.5 HIGH | N/A |
OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack, a related issue to CVE-2002-0970. | |||||
CVE-2005-2946 | 1 Openssl | 1 Openssl | 2009-01-06 | 5.0 MEDIUM | N/A |
The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signature. | |||||
CVE-2002-0657 | 1 Openssl | 1 Openssl | 2008-09-10 | 7.5 HIGH | N/A |
Buffer overflow in OpenSSL 0.9.7 before 0.9.7-beta3, with Kerberos enabled, allows attackers to execute arbitrary code via a long master key. | |||||
CVE-2002-0656 | 3 Apple, Openssl, Oracle | 5 Mac Os X, Openssl, Application Server and 2 more | 2008-09-10 | 7.5 HIGH | N/A |
Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3. | |||||
CVE-2002-0655 | 3 Apple, Openssl, Oracle | 5 Mac Os X, Openssl, Application Server and 2 more | 2008-09-10 | 7.5 HIGH | N/A |
OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code. | |||||
CVE-2002-0659 | 3 Apple, Openssl, Oracle | 5 Mac Os X, Openssl, Application Server and 2 more | 2008-09-10 | 5.0 MEDIUM | N/A |
The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings. |