Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openssl openssl 0.9.6 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2009-1387
The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL prior to 1.0.0 Beta 2 allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug.&q...
Openssl Openssl
Redhat Openssl 0.9.6-15
Redhat Openssl 0.9.6b-3
Redhat Openssl 0.9.7a-2
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
445
VMScore
CVE-2009-0789
OpenSSL prior to 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote malicious users to cause a denial of service (invalid memory access and application crash) by placing this structure in the public key of a certi...
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8
Openssl Openssl 0.9.7l
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.7m
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.6k
Openssl Openssl 0.9.6j
668
VMScore
CVE-2009-0653
OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote malicious users to spoof the certificates of trusted sites via a man-in-the-middle attack, a related issue to CVE-2002-0970.
Openssl Openssl 0.9.6
516
VMScore
CVE-2008-5077
OpenSSL 0.9.8i and previous versions does not properly check the return value from the EVP_VerifyFinal function, which allows remote malicious users to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.7
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.6m
Openssl Openssl 0.9.6l
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.6
Openssl Openssl 0.9.3a
Openssl Openssl 0.9.4
Openssl Openssl 0.9.7l
Openssl Openssl 0.9.8
694
VMScore
CVE-2006-2940
OpenSSL 0.9.7 prior to 0.9.7l, 0.9.8 prior to 0.9.8d, and previous versions versions allows malicious users to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certif...
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.8
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.6c
Openssl Openssl 0.9.6b
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.3a
Openssl Openssl 0.9.6f
383
VMScore
CVE-2006-4339
OpenSSL prior to 0.9.7, 0.9.7 prior to 0.9.7k, and 0.9.8 prior to 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote malicious users to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Open...
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.7g
Openssl Openssl
Openssl Openssl 0.9.6g
Openssl Openssl 0.9.6j
Openssl Openssl 0.9.6l
Openssl Openssl 0.9.6
Openssl Openssl 0.9.4
Openssl Openssl 0.9.5
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.6f
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.6b
Openssl Openssl 0.9.3
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.8a
454
VMScore
CVE-2005-1797
The design of Advanced Encryption Standard (AES), aka Rijndael, allows remote malicious users to recover AES keys via timing attacks on S-box lookups, which are difficult to perform in constant time in AES implementations.
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.3
Openssl Openssl 0.9.4
Openssl Openssl 0.9.6j
Openssl Openssl 0.9.6k
Openssl Openssl 0.9.6l
Openssl Openssl 0.9.6m
Openssl Openssl 0.9.7
Openssl Openssl 0.9.6b
Openssl Openssl 0.9.6c
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.6f
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.5
Openssl Openssl 0.9.6
187
VMScore
CVE-2004-0975
The der_chop script in the openssl package in Trustix Secure Linux 1.5 up to and including 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.
Mandrakesoft Mandrake Multi Network Firewall 8.2
Openssl Openssl 0.9.6f
Openssl Openssl 0.9.6g
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.6b
Openssl Openssl 0.9.6c
Openssl Openssl 0.9.6k
Openssl Openssl 0.9.6l
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.6j
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.6m
Openssl Openssl 0.9.7c
Mandrakesoft Mandrake Linux 9.2
Mandrakesoft Mandrake Linux Corporate Server 2.1
Mandrakesoft Mandrake Linux 10.0
Mandrakesoft Mandrake Linux 10.1
Gentoo Linux
445
VMScore
CVE-2004-0079
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote malicious users to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
Cisco Firewall Services Module
Symantec Clientless Vpn Gateway 4400 5.0
Hp Apache-based Web Server 2.0.43.00
Cisco Firewall Services Module 1.1.3
Cisco Firewall Services Module 1.1.2
Hp Aaa Server
Cisco Firewall Services Module 1.1 \\(3.005\\)
Hp Apache-based Web Server 2.0.43.04
Cisco Firewall Services Module 2.1 \\(0.208\\)
Avaya Sg203 4.4
Hp Hp-ux 11.11
Redhat Enterprise Linux Desktop 3.0
Hp Hp-ux 11.23
Cisco Ciscoworks Common Management Foundation 2.1
Freebsd Freebsd 5.1
Avaya Sg208 4.4
Redhat Enterprise Linux 3.0
Avaya Sg200 4.4
Avaya Sg5 4.4
Redhat Linux 7.2
Cisco Ciscoworks Common Services 2.2
Openbsd Openbsd 3.3
445
VMScore
CVE-2004-0081
OpenSSL 0.9.6 prior to 0.9.6d does not properly handle unknown message types, which allows remote malicious users to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
Cisco Firewall Services Module 1.1.3
Cisco Firewall Services Module 1.1 \\(3.005\\)
Cisco Firewall Services Module
Cisco Firewall Services Module 1.1.2
Symantec Clientless Vpn Gateway 4400 5.0
Hp Apache-based Web Server 2.0.43.00
Hp Apache-based Web Server 2.0.43.04
Cisco Firewall Services Module 2.1 \\(0.208\\)
Hp Aaa Server
Cisco Ciscoworks Common Management Foundation 2.1
Cisco Ciscoworks Common Services 2.2
Avaya Sg208 4.4
Avaya Sg5 4.2
Avaya Sg5 4.3
Freebsd Freebsd 5.1
Hp Hp-ux 8.05
Openbsd Openbsd 3.3
Redhat Linux 8.0
Sco Openserver 5.0.6
Avaya Sg203 4.4
Avaya Sg208
Freebsd Freebsd 4.8
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »