CVE-2009-0590 – openssl: ASN1 printing crash
https://notcve.org/view.php?id=CVE-2009-0590
The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length. La función ASN1_STRING_print_ex en OpenSSL versiones anteriores a v0.9.8k permite a atacantes remotos provocar una denegación de servicio (acceso inválido a memoria y caída de la aplicación) mediante vectores que provocan la impresión de (1) BMPString o (2) UniversalString con una longitud de codificación inválida. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-008.txt.asc http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html http://lists.vmware.com/pipermail/security-announce/2010/000082.html http://marc.info/?l=bugtraq&m=124464882609472&w=2 htt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2009-0653
https://notcve.org/view.php?id=CVE-2009-0653
OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack, a related issue to CVE-2002-0970. OpenSSL, probablemente v0.9.6, no verifica las limitacion basicas para un certificado de autoridad certificadora intermedia, lo que permite a atacantes remotos falsificar lo certificados de sitios de confianza, a traves de un ataque de hombre en el medio, relacionada con CVE-2002-0970. • http://www.blackhat.com/html/bh-dc-09/bh-dc-09-speakers.html#Marlinspike https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf • CWE-287: Improper Authentication •
CVE-2008-5077 – OpenSSL Incorrect checks for malformed signatures
https://notcve.org/view.php?id=CVE-2008-5077
OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys. OpenSSL 0.9.8i y versiones anteriores no comprueba correctamente el valor de retorno de la función EVP_VerifyFinal, lo que permite a atacantes remotos evitar la validación de la cadena del certificado a través de una firma SSL/TLS mal formada para las claves DSA y ECDSA. • http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html http://marc.info/?l=bugtraq&m=123859864430555&w=2 http://marc.info/?l=bugtraq&m=124277349419254&w=2 http://marc.info/?l=bugtraq&m=127678688104458&w=2 http://secunia.com/advisories/33338 http://secunia.com/advisories/33394 http://secunia.com/advisories/33436 • CWE-20: Improper Input Validation •
CVE-2007-5536
https://notcve.org/view.php?id=CVE-2007-5536
Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors. Vulnerabilidad sin especificar en el OpenSSL anterior al A.00.09.07l en el HP-UX B.11.11, B.11.23 y B.11.31 permite a usuarios locales provocar una denegación de servicio a través de vectores sin especificar. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01203958 http://osvdb.org/37894 http://secunia.com/advisories/27265 http://www.securityfocus.com/bid/26093 http://www.vupen.com/english/advisories/2007/3526 https://exchange.xforce.ibmcloud.com/vulnerabilities/37231 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5871 •
CVE-2007-3108 – openssl: RSA side-channel attack
https://notcve.org/view.php?id=CVE-2007-3108
The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys. La función BN_from_montgomery en el crypto/bn/bn_mont.c del OpenSSL 0.9.8e y anteriores, no interpreta adecuadamente la multiplicación Montgomery, lo que permite a usuarios locales llevar a cabo ataques por canal colateral (side-channel) y recuperar claves privadas RSA. • http://cvs.openssl.org/chngview?cn=16275 http://lists.vmware.com/pipermail/security-announce/2008/000002.html http://openssl.org/news/patch-CVE-2007-3108.txt http://secunia.com/advisories/26411 http://secunia.com/advisories/26893 http://secunia.com/advisories/27021 http://secunia.com/advisories/27078 http://secunia.com/advisories/27097 http://secunia.com/advisories/27205 http://secunia.com/advisories/27330 http://secunia.com/advisories/27770 http://secunia.com/advisories/ •