The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL prior to 0.9.8zd, 1.0.0 prior to 1.0.0p, and 1.0.1 prior to 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the "FREAK" issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations.

Vulnerable Product |
---|
openssl openssl 1.0.0a |
openssl openssl 1.0.0b |
openssl openssl 1.0.0i |
openssl openssl 1.0.0j |
openssl openssl 1.0.1i |
openssl openssl 1.0.1h |
openssl openssl 1.0.0e |
openssl openssl 1.0.0f |
openssl openssl 1.0.0m |
openssl openssl 1.0.0n |
openssl openssl 1.0.1e |
openssl openssl 1.0.1d |
openssl openssl 1.0.1c |
openssl openssl 1.0.0c |
openssl openssl 1.0.0d |
openssl openssl 1.0.0k |
openssl openssl 1.0.0l |
openssl openssl 1.0.1g |
openssl openssl 1.0.1f |
openssl openssl |
openssl openssl 1.0.0g |
openssl openssl 1.0.0h |
openssl openssl 1.0.0o |
openssl openssl 1.0.1j |
openssl openssl 1.0.1b |
openssl openssl 1.0.1a |

Heads up for July 9 security vulnerability fix
Sysadmins and anyone else with systems running OpenSSL code: a new version of the open-source crypto library will be released this week to "fix a single security defect classified as 'high' severity." The bug, we're told, will be addressed in versions 1.0.2d and 1.0.1p of the software. The vulnerability does not affect the 1.0.0 or 0.9.8 series. OpenSSL is a widely used library that provides encrypted HTTPS connections for countless websites, as well as other secure services. "The OpenSSL projec...
Happy weekend, network admins
Cisco admins will be watching and waiting for fixes, with the company announcing that many of its OpenSSL implementations are carrying a bunch of post-POODLE fleas. The Borg has been looking over its kit and software since the OpenSSL project disclosed a bunch of vulns in January, and on March 10 detailed the impacts it's discovered so far. The list includes the notorious “FREAK” bug – CVE-2015-0204 – and Cisco's advisory contains an exhaustive list of products vulnerable, not vulnerable...
OpenSSL, iOS and OS X tricked into using weak 1990s-grade encryption keys
Security researchers are warning of a flaw in OpenSSL and Apple's SecureTransport – a hangover from the days when the US government was twitchy about the spread of cryptography. It's a flaw that allows an attacker to decrypt your login cookies, and other sensitive information, from your HTTPS connections if you use a vulnerable browser such as Safari. Apple's SecureTransport is a library used by applications on iOS and OS X, including Safari for iPhones, iPads and Macs. OpenSSL is open source,...
New fixes repair DOS, authentication flaws
OpenSSL has squashed eight low severity vulnerabilities that could result in denial of service or the removal of forward secrecy. The holes, two graded "moderate", were addressed in OpenSSL updates 1.0.0p, 0.9.8zd, and 1.0.1k. Maintainers wrote in an advisory that Cisco warned last October that a crafted Datagram Transport Layer Security (DTLS) message could trigger a segmentation fault (CVE-2014-3571) due to a NULL pointer dereference. Another bug (CVE-2015-0206) spotted by researcher Chris...