Download
| Alert*
oval:org.secpod.oval:def:700310
It was discovered that OpenSSL did not properly validate the length of an encoded BMPString or UniversalString when printing ASN.1 strings. If a user or automated system were tricked into processing a crafted certificate, an attacker could cause a denial of service via application crash in applicati ... oval:org.secpod.oval:def:600485 It was discovered that insufficient length validations in the ASN.1 handling of the OpenSSL crypto library may lead to denial of service when processing a manipulated certificate. For the old stable distribution , this problem has been fixed in version 0.9.8c-4etch5 of the openssl package and in ver ... oval:org.secpod.oval:def:301212 A security vulnerability has been identified and fixed in OpenSSL, which could crash applications using OpenSSL library when parsing malformed certificates . The updated packages have been patched to prevent this. oval:org.secpod.oval:def:20026 The host is installed with OpenSSL before 0.9.8k and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length. Successful exploitation could ... oval:org.mitre.oval:def:8038 It was discovered that insufficient length validations in the ASN.1 handling of the OpenSSL crypto library may lead to denial of service when processing a manipulated certificate. oval:org.secpod.oval:def:202091 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general purpose cryptography library. Datagram TLS is a protocol based on TLS that is capable of securing datagram transport . Multiple denial of service flaws were dis ... oval:org.secpod.oval:def:201982 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general purpose cryptography library. Datagram TLS is a protocol based on TLS that is capable of securing datagram transport . Multiple denial of service flaws were dis ... oval:org.secpod.oval:def:500658 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general purpose cryptography library. Datagram TLS is a protocol based on TLS that is capable of securing datagram transport . Multiple denial of service flaws were dis ... oval:org.secpod.oval:def:500390 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A flaw was found in the way the TLS/SSL protocols handled session renegotiation. A man-in-the-middle attacker could use this flaw ... oval:org.secpod.oval:def:201741 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A flaw was found in the way the TLS/SSL protocols handled session renegotiation. A man-in-the-middle attacker could use this flaw ... oval:org.secpod.oval:def:201696 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A flaw was found in the way the TLS/SSL protocols handled session renegotiation. A man-in-the-middle attacker could use this flaw ... oval:org.secpod.oval:def:201943 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A flaw was found in the way the TLS/SSL protocols handled session renegotiation. A man-in-the-middle attacker could use this flaw ... oval:org.secpod.oval:def:201726 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A flaw was found in the way the TLS/SSL protocols handled session renegotiation. A man-in-the-middle attacker could use this flaw ... oval:org.secpod.oval:def:400301 This update adds openssl patches since 2007 for: - CVE-2008-5077 - CVE-2009-0590 - CVE-2009-0789 - CVE-2009-3555 - CVE-2010-4180 |