Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*
There are 88 matching records.
Displaying matches 61 through 80.
Vuln ID Summary CVSS Severity
CVE-2009-4355

Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678.

Published: January 14, 2010; 2:30:00 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2009-3555

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.

Published: November 09, 2009; 12:30:00 PM -0500
V3.x:(not available)
V2.0: 5.8 MEDIUM
CVE-2009-1387

The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug."

Published: June 04, 2009; 12:30:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2009-1386

ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.

Published: June 04, 2009; 12:30:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2009-1378

Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak."

Published: May 19, 2009; 3:30:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2009-1377

The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of "future epoch" DTLS records that are buffered in a queue, aka "DTLS record buffer limitation bug."

Published: May 19, 2009; 3:30:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2009-0789

OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service (invalid memory access and application crash) by placing this structure in the public key of a certificate, as demonstrated by an RSA public key.

Published: March 27, 2009; 12:30:02 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2009-0590

The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.

Published: March 27, 2009; 12:30:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2009-0653

OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack, a related issue to CVE-2002-0970.

Published: February 20, 2009; 2:30:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-5077

OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.

Published: January 07, 2009; 12:30:00 PM -0500
V3.x:(not available)
V2.0: 5.8 MEDIUM
CVE-2007-5536

Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors.

Published: October 17, 2007; 8:17:00 PM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2007-3108

The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.

Published: August 07, 2007; 9:17:00 PM -0400
V3.x:(not available)
V2.0: 1.2 LOW
CVE-2006-2940

OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification.

Published: September 28, 2006; 2:07:00 PM -0400
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2006-4339

OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1.

Published: September 05, 2006; 1:04:00 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2005-2946

The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signature.

Published: September 16, 2005; 6:03:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2005-1797

The design of Advanced Encryption Standard (AES), aka Rijndael, allows remote attackers to recover AES keys via timing attacks on S-box lookups, which are difficult to perform in constant time in AES implementations.

Published: May 26, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.1 MEDIUM
CVE-2004-0975

The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.

Published: February 09, 2005; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2003-0851

OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.

Published: December 01, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2003-0543

Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values.

Published: November 17, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2003-0544

OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, which allows remote attackers to cause a denial of service (crash) via an SSL client certificate that causes OpenSSL to read past the end of a buffer when the long form is used.

Published: November 17, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM