Download
| Alert*
|
oval:org.secpod.oval:def:602367
It was discovered that polarssl, a library providing SSL and TLS support, contained two heap-based buffer overflows that could allow a remote attacker to trigger denial of service or arbitrary code execution. oval:org.secpod.oval:def:601131 Multiple security issues have been discovered in PolarSSL, a lightweight crypto and SSL/TLS library: CVE-2013-4623 Jack Lloyd discovered a denial of service vulnerability in the parsing of PEM-encoded certificates. CVE-2013-5914 Paul Brodeur and TrustInSoft discovered a buffer overflow in the ssl_re ... oval:org.secpod.oval:def:601708 A flaw was discovered in PolarSSL, a lightweight crypto and SSL/TLS library, which can be exploited by a remote unauthenticated attacker to mount a denial of service against PolarSSL servers that offer GCM ciphersuites. Potentially clients are affected too if a malicious server decides to execute th ... oval:org.secpod.oval:def:601718 libpolarssl-runtime is installed oval:org.secpod.oval:def:601927 A vulnerability was discovered in PolarSSL, a lightweight crypto and SSL/TLS library. A remote attacker could exploit this flaw using specially crafted certificates to mount a denial of service against an application linked against the library , or potentially, to execute arbitrary code. oval:org.secpod.oval:def:600965 Multiple vulnerabilities have been found in OpenSSL. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2013-0169 A timing side channel attack has been found in CBC padding allowing an attacker to recover pieces of plaintext via statistical analysis of crafted pack ... |
