Dr Stephen Henson (steve@opensslorg), using a test suite
provided by NISCC (wwwnisccgovuk/), discovered a number of
errors in the OpenSSL
ASN1 code Combined with an error that causes the OpenSSL code to parse
client certificates even when it should not, these errors can cause a
denial of service (DoS) condition on a system using the Op ...
Steve Henson of the OpenSSL core team identified and prepared fixes
for a number of vulnerabilities in the OpenSSL ASN1 code that were
discovered after running a test suite by British National
Infrastructure Security Coordination Centre (NISCC)
A bug in OpenSSLs SSL/TLS protocol was also identified which causes
OpenSSL to parse a client certificat ...
On September 30, 2003, new vulnerabilities in the
for SSL were announced This is referred to as the "first" vulnerability in
On November 4, 2003, another vulnerability in the
for SSL, version 096, was announced This is referred to as the "second"
vulnerability in this ...