openssl openssl 0.9.8k vulnerabilities and exploits

(subscribe to this query)

The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f up to and including 0.9.8m allows remote malicious users to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor version number. N...

Openssl Openssl 0.9.8f Openssl Openssl 0.9.8g Openssl Openssl 0.9.8h Openssl Openssl 0.9.8i Openssl Openssl 0.9.8j Openssl Openssl 0.9.8k Openssl Openssl 0.9.8l Openssl Openssl 0.9.8m

1 EDB exploit

Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f up to and including 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote malicious users to execute arbitrary code via client data that triggers a heap-based...

Openssl Openssl 0.9.8f Openssl Openssl 0.9.8g Openssl Openssl 0.9.8h Openssl Openssl 0.9.8i Openssl Openssl 0.9.8j Openssl Openssl 0.9.8k Openssl Openssl 0.9.8l Openssl Openssl 0.9.8m Openssl Openssl 0.9.8n Openssl Openssl 0.9.8o Openssl Openssl 1.0.0 Openssl Openssl 1.0.0a

OpenSSL prior to 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors.

Openssl Openssl Openssl Openssl 0.9.8 Openssl Openssl 0.9.8a Openssl Openssl 0.9.8b Openssl Openssl 0.9.8c Openssl Openssl 0.9.8d Openssl Openssl 0.9.8e Openssl Openssl 0.9.8f Openssl Openssl 0.9.8g Openssl Openssl 0.9.8h Openssl Openssl 0.9.8i Openssl Openssl 0.9.8j

The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL prior to 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote malicious users to cause a denial of service (NULL pointer derefe...

Openssl Openssl Openssl Openssl 0.9.8 Openssl Openssl 0.9.8a Openssl Openssl 0.9.8b Openssl Openssl 0.9.8c Openssl Openssl 0.9.8d Openssl Openssl 0.9.8e Openssl Openssl 0.9.8f Openssl Openssl 0.9.8g Openssl Openssl 0.9.8h Openssl Openssl 0.9.8i Openssl Openssl 0.9.8j

ssl/t1_lib.c in OpenSSL 0.9.8h up to and including 0.9.8q and 1.0.0 up to and including 1.0.0c allows remote malicious users to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake mes...

Openssl Openssl 0.9.8h Openssl Openssl 0.9.8i Openssl Openssl 0.9.8j Openssl Openssl 0.9.8k Openssl Openssl 0.9.8l Openssl Openssl 0.9.8m Openssl Openssl 0.9.8n Openssl Openssl 0.9.8o Openssl Openssl 0.9.8p Openssl Openssl 0.9.8q Openssl Openssl 1.0.0 Openssl Openssl 1.0.0a

Double free vulnerability in OpenSSL 0.9.8 prior to 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote malicious users to have an unspecified impact by triggering failure of a policy check.

Openssl Openssl 0.9.8 Openssl Openssl 0.9.8a Openssl Openssl 0.9.8b Openssl Openssl 0.9.8c Openssl Openssl 0.9.8d Openssl Openssl 0.9.8e Openssl Openssl 0.9.8f Openssl Openssl 0.9.8g Openssl Openssl 0.9.8h Openssl Openssl 0.9.8i Openssl Openssl 0.9.8j Openssl Openssl 0.9.8k

1 Article

The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 up to and including 0.9.8r and 1.0.x prior to 1.0.0e does not ensure thread safety during processing of handshake messages from clients, which allows remote malicious users to cause a denial of service (daemon crash) v...

Openssl Openssl 0.9.8 Openssl Openssl 0.9.8a Openssl Openssl 0.9.8b Openssl Openssl 0.9.8c Openssl Openssl 0.9.8d Openssl Openssl 0.9.8e Openssl Openssl 0.9.8f Openssl Openssl 0.9.8g Openssl Openssl 0.9.8h Openssl Openssl 0.9.8i Openssl Openssl 0.9.8j Openssl Openssl 0.9.8k

The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL prior to 0.9.8o and 1.x prior to 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent malicious users to modify invalid memory locations or ...

Openssl Openssl Openssl Openssl 0.9.1c Openssl Openssl 0.9.2b Openssl Openssl 0.9.3 Openssl Openssl 0.9.3a Openssl Openssl 0.9.4 Openssl Openssl 0.9.5 Openssl Openssl 0.9.5a Openssl Openssl 0.9.6 Openssl Openssl 0.9.6a Openssl Openssl 0.9.6b Openssl Openssl 0.9.6c

Double free vulnerability in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 prior to 0.9.8zb, 1.0.0 prior to 1.0.0n, and 1.0.1 prior to 1.0.1i allows remote malicious users to cause a denial of service (application crash) via crafted DTLS packets that trigger an error cond...

Openssl Openssl 0.9.8 Openssl Openssl 0.9.8a Openssl Openssl 0.9.8b Openssl Openssl 0.9.8c Openssl Openssl 0.9.8d Openssl Openssl 0.9.8e Openssl Openssl 0.9.8f Openssl Openssl 0.9.8g Openssl Openssl 0.9.8h Openssl Openssl 0.9.8i Openssl Openssl 0.9.8j Openssl Openssl 0.9.8k

d1_both.c in the DTLS implementation in OpenSSL 0.9.8 prior to 0.9.8zb, 1.0.0 prior to 1.0.0n, and 1.0.1 prior to 1.0.1i allows remote malicious users to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory allocations correspondi...

Openssl Openssl 0.9.8 Openssl Openssl 0.9.8a Openssl Openssl 0.9.8b Openssl Openssl 0.9.8c Openssl Openssl 0.9.8d Openssl Openssl 0.9.8e Openssl Openssl 0.9.8f Openssl Openssl 0.9.8g Openssl Openssl 0.9.8h Openssl Openssl 0.9.8i Openssl Openssl 0.9.8j Openssl Openssl 0.9.8k

1 2 3 4 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook