Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openssl openssl 0.9.6 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2003-0543
Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote malicious users to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values.
Openssl Openssl 0.9.6
Openssl Openssl 0.9.7
1 EDB exploit
5
CVSSv2
CVE-2003-0544
OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, which allows remote malicious users to cause a denial of service (crash) via an SSL client certificate that causes OpenSSL to read past the end of a buffer when the long form is used...
Openssl Openssl 0.9.6
Openssl Openssl 0.9.7
5
CVSSv2
CVE-2003-0147
OpenSSL does not use RSA blinding by default, which allows local and remote malicious users to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different inte...
Openpkg Openpkg 1.2
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.7
Stunnel Stunnel 3.15
Stunnel Stunnel 3.16
Stunnel Stunnel 3.7
Stunnel Stunnel 3.8
Openssl Openssl 0.9.6c
Openssl Openssl 0.9.6d
Stunnel Stunnel 3.11
Stunnel Stunnel 3.12
Stunnel Stunnel 3.19
Stunnel Stunnel 3.20
Stunnel Stunnel 4.01
Stunnel Stunnel 4.02
Openpkg Openpkg
Openpkg Openpkg 1.1
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.6g
Stunnel Stunnel 3.13
5
CVSSv2
CVE-2003-0078
ssl3_get_record in s3_pkt.c for OpenSSL prior to 0.9.7a and 0.9.6 prior to 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that re...
Openssl Openssl 0.9.7
Openssl Openssl 0.9.6i
Openssl Openssl
Openbsd Openbsd 3.1
Freebsd Freebsd 4.5
Freebsd Freebsd 4.7
Freebsd Freebsd 4.4
Openbsd Openbsd 3.2
Freebsd Freebsd 4.2
Freebsd Freebsd 4.6
Freebsd Freebsd 4.3
Freebsd Freebsd 5.0
1 EDB exploit
5
CVSSv2
CVE-2002-0659
The ASN1 library in OpenSSL 0.9.6d and previous versions, and 0.9.7-beta2 and previous versions, allows remote malicious users to cause a denial of service via invalid encodings.
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.3
Oracle Application Server 1.0.2.1s
Oracle Application Server 1.0.2.2
Oracle Corporate Time Outlook Connector 3.1
Oracle Corporate Time Outlook Connector 3.1.1
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.6b
Openssl Openssl 0.9.6c
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.4
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.7
Oracle Application Server 1.0.2
Oracle Corporate Time Outlook Connector 3.1.2
Oracle Http Server 9.0.1
Openssl Openssl 0.9.5
Openssl Openssl 0.9.6
Oracle Application Server
Oracle Corporate Time Outlook Connector 3.3
Oracle Http Server 9.2.0
1 EDB exploit
5
CVSSv2
CVE-2001-1141
The Pseudo-Random Number Generator (PRNG) in SSLeay and OpenSSL prior to 0.9.6b allows malicious users to use the output of small PRNG requests to determine the internal state information, which could be used by malicious users to predict future pseudo-random numbers.
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.2b
Ssleay Ssleay 0.9
Ssleay Ssleay 0.9.1
Openssl Openssl 0.9.3
Openssl Openssl 0.9.4
Openssl Openssl 0.9.5
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6a
Ssleay Ssleay 0.8.1
4.3
CVSSv2
CVE-2011-4108
The DTLS implementation in OpenSSL prior to 0.9.8s and 1.x prior to 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote malicious users to recover plaintext via a padding oracle attack.
Openssl Openssl 0.9.8o
Openssl Openssl 0.9.8n
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.7m
Openssl Openssl 0.9.7l
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.6j
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.6b
Openssl Openssl
Openssl Openssl 0.9.8k
Openssl Openssl 0.9.8j
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.7
Openssl Openssl 0.9.6m
Openssl Openssl 0.9.6g
4.3
CVSSv2
CVE-2011-4577
OpenSSL prior to 0.9.8s and 1.x prior to 1.0.0f, when RFC 3779 support is enabled, allows remote malicious users to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous...
Openssl Openssl 0.9.8m
Openssl Openssl 0.9.8l
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.6
Openssl Openssl
Openssl Openssl 0.9.8q
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.8
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.6l
Openssl Openssl 0.9.6k
4.3
CVSSv2
CVE-2008-7270
OpenSSL prior to 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not prevent modification of the ciphersuite in the session cache, which allows remote malicious users to force the use of a disabled cipher via vectors involving sniffing network traffic to dis...
Openssl Openssl 0.9.4
Openssl Openssl 0.9.5
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.6j
Openssl Openssl 0.9.6m
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.7m
Openssl Openssl 0.9.7l
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.8a
4.3
CVSSv2
CVE-2006-4339
OpenSSL prior to 0.9.7, 0.9.7 prior to 0.9.7k, and 0.9.8 prior to 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote malicious users to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Open...
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.7g
Openssl Openssl
Openssl Openssl 0.9.6g
Openssl Openssl 0.9.6j
Openssl Openssl 0.9.6l
Openssl Openssl 0.9.6
Openssl Openssl 0.9.4
Openssl Openssl 0.9.5
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.6f
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.6b
Openssl Openssl 0.9.3
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.8a
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »