The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL prior to 0.9.8zd, 1.0.0 prior to 1.0.0p, and 1.0.1 prior to 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message.
Vulnerable Product |
---|
openssl openssl 1.0.0a |
openssl openssl 1.0.0b |
openssl openssl 1.0.0i |
openssl openssl 1.0.0j |
openssl openssl 1.0.1i |
openssl openssl 1.0.1h |
openssl openssl 1.0.1g |
openssl openssl 1.0.0e |
openssl openssl 1.0.0f |
openssl openssl 1.0.0m |
openssl openssl 1.0.0n |
openssl openssl 1.0.1d |
openssl openssl 1.0.1c |
openssl openssl |
openssl openssl 1.0.0g |
openssl openssl 1.0.0h |
openssl openssl 1.0.0o |
openssl openssl 1.0.1j |
openssl openssl 1.0.1b |
openssl openssl 1.0.1a |
openssl openssl 1.0.0c |
openssl openssl 1.0.0d |
openssl openssl 1.0.0k |
openssl openssl 1.0.0l |
openssl openssl 1.0.1f |
openssl openssl 1.0.1e |

New fixes repair DOS, authentication flaws
OpenSSL has squashed eight low-severity vulnerabilities that could result in denial of service or the removal of forward secrecy. The holes, two graded "moderate", were addressed in OpenSSL updates 1.0.0p, 0.9.8zd, and 1.0.1k. Maintainers wrote in an advisory that Cisco warned last October that a crafted Datagram Transport Layer Security (DTLS) message could trigger a segmentation fault (CVE-2014-3571) due to a NULL pointer dereference. Another bug (CVE-2015-0206) spotted by researcher Chris...