Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openssl openssl 0.9.7f vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-2969
The SSL/TLS server implementation in OpenSSL 0.9.7 prior to 0.9.7h and 0.9.8 prior to 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote malicious users t...
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.8
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7f
NA
CVE-2006-2937
OpenSSL 0.9.7 prior to 0.9.7l and 0.9.8 prior to 0.9.8d allows remote malicious users to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition.
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.8
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7f
NA
CVE-2006-3738
Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 prior to 0.9.7l, 0.9.8 prior to 0.9.8d, and previous versions versions has unspecified impact and remote attack vectors involving a long list of ciphers.
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.8
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7f
NA
CVE-2007-5135
Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote malicious users to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result ...
Openssl Openssl 0.9.7
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.7l
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.8
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.7f
NA
CVE-2006-4343
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 prior to 0.9.7l, 0.9.8 prior to 0.9.8d, and previous versions versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference.
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.8
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7f
Debian Debian Linux 3.1
Canonical Ubuntu Linux 5.04
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 5.10
2 EDB exploits
NA
CVE-2006-2940
OpenSSL 0.9.7 prior to 0.9.7l, 0.9.8 prior to 0.9.8d, and previous versions versions allows malicious users to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certif...
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.3
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.5
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.6
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.4
Openssl Openssl 0.9.6f
Openssl Openssl 0.9.6l
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7
Openssl Openssl 0.9.6b
Openssl Openssl 0.9.7e
NA
CVE-2006-4339
OpenSSL prior to 0.9.7, 0.9.7 prior to 0.9.7k, and 0.9.8 prior to 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote malicious users to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Open...
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.3
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.5
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.6
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.6a
Openssl Openssl
Openssl Openssl 0.9.4
Openssl Openssl 0.9.6f
Openssl Openssl 0.9.6l
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.6b
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.6k
NA
CVE-2008-7270
OpenSSL prior to 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not prevent modification of the ciphersuite in the session cache, which allows remote malicious users to force the use of a disabled cipher via vectors involving sniffing network traffic to dis...
Openssl Openssl 0.9.7
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.7l
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.3
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.5
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.6
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.4
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.6f
Openssl Openssl 0.9.6l
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7g
NA
CVE-2011-4354
crypto/bn/bn_nist.c in OpenSSL prior to 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curv...
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.7
Openssl Openssl 0.9.5
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.6l
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.6b
Openssl Openssl 0.9.6c
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.4
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.6m
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8f
NA
CVE-2008-5077
OpenSSL 0.9.8i and previous versions does not properly check the return value from the EVP_VerifyFinal function, which allows remote malicious users to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.
Openssl Openssl 0.9.7
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.7l
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.3
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.5
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.6
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.4
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.6f
Openssl Openssl 0.9.6l
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7g
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »