[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-4157-1 openssl -- openssl

ID: oval:org.secpod.oval:def:603338Date: (C)2018-03-30   (M)2023-12-20
Class: PATCHFamily: unix




Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2017-3738 David Benjamin of Google reported an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. CVE-2018-0739 It was discovered that constructed ASN.1 types with a recursive definition could exceed the stack, potentially leading to a denial of service. Details can be found in the upstream advisory: https://www.openssl.org/news/secadv/20180327.txt

Platform:
Debian 8.x
Debian 9.x
Product:
openssl
libcrypto1.1-udeb
libssl1.1
libssl-dev
libssl-doc
Reference:
DSA-4157-1
CVE-2017-3738
CVE-2018-0739
CVE    2
CVE-2018-0739
CVE-2017-3738
CPE    16
cpe:/o:debian:debian_linux:9.0
cpe:/o:debian:debian_linux:8.x
cpe:/a:openssl:openssl
cpe:/a:openssl:openssl:1.0.2b
...

© SecPod Technologies