Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:openssl:openssl:1.0.2:beta3
There are 29 matching records.
Displaying matches 21 through 29.
Vuln ID Summary CVSS Severity
CVE-2016-0800

The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a "DROWN" attack.

Published: March 01, 2016; 3:59:00 PM -0500
V3.0: 5.9 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-0701

The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple handshakes with a peer that chose an inappropriate number, as demonstrated by a number in an X9.42 file.

Published: February 14, 2016; 9:59:18 PM -0500
V3.0: 3.7 LOW
V2.0: 2.6 LOW
CVE-2015-3197

ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions.

Published: February 14, 2016; 9:59:01 PM -0500
V3.0: 5.9 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2015-1787

The ssl3_get_client_key_exchange function in s3_srvr.c in OpenSSL 1.0.2 before 1.0.2a, when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, allows remote attackers to cause a denial of service (daemon crash) via a ClientKeyExchange message with a length of zero.

Published: March 19, 2015; 6:59:12 PM -0400
V3.x:(not available)
V2.0: 2.6 LOW
CVE-2015-0291

The sigalgs implementation in t1_lib.c in OpenSSL 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) by using an invalid signature_algorithms extension in the ClientHello message during a renegotiation.

Published: March 19, 2015; 6:59:09 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2015-0290

The multi-block feature in the ssl3_write_bytes function in s3_pkt.c in OpenSSL 1.0.2 before 1.0.2a on 64-bit x86 platforms with AES NI support does not properly handle certain non-blocking I/O cases, which allows remote attackers to cause a denial of service (pointer corruption and application crash) via unspecified vectors.

Published: March 19, 2015; 6:59:08 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2015-0285

The ssl3_client_hello function in s3_clnt.c in OpenSSL 1.0.2 before 1.0.2a does not ensure that the PRNG is seeded before proceeding with a handshake, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and then conducting a brute-force attack.

Published: March 19, 2015; 6:59:03 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-0208

The ASN.1 signature-verification implementation in the rsa_item_verify function in crypto/rsa/rsa_ameth.c in OpenSSL 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted RSA PSS parameters to an endpoint that uses the certificate-verification feature.

Published: March 19, 2015; 6:59:01 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-0207

The dtls1_listen function in d1_lib.c in OpenSSL 1.0.2 before 1.0.2a does not properly isolate the state information of independent data streams, which allows remote attackers to cause a denial of service (application crash) via crafted DTLS traffic, as demonstrated by DTLS 1.0 traffic to a DTLS 1.2 server.

Published: March 19, 2015; 6:59:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM