Page 18 of 93 results (0.044 seconds)

CVSS: 7.5EPSS: 25%CPEs: 72EXPL: 0

CVE-2010-0742

https://notcve.org/view.php?id=CVE-2010-0742

The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code, via unspecified vectors. Vulnerabilidad en la implemtanción "Cryptographic Message Syntax" (CMS) en "crypto/cms/cms_asn1.c" en OpenSSL anterior a v0.9.8o y v1.x anterior a v1.0.0a no maneja correctamente estructuras que contienen "OriginatorInfo" las cuales permiten a atacantes dependientes del contexto modificar direcciones inválidas de memoria o llevar a cabo ataques de liberación doble con posibilidad de ejecutar código aleatorio a través de vectores sin especificar. • http://cvs.openssl.org/chngview?cn=19693 http://cvs.openssl.org/filediff?f=openssl/crypto/cms/cms_asn1.c&v1=1.8&v2=1.8.6.1 http://marc.info/?l=bugtraq&m=129138643405740&w=2 http://rt.openssl.org/Ticket/Display.html?id=2211&user=guest&pass=guest http://secunia.com/advisories/40000 http://secunia.com/advisories/40024 http://secunia.com/advisories/42457 http://secunia.com/advisories/42724 http://secunia.com/advisories/42733 http://secunia.com/advisories/57353 • CWE-310: Cryptographic Issues •

CVSS: 5.0EPSS: 20%CPEs: 71EXPL: 0

CVE-2009-4355 – openssl significant memory leak in certain SSLv3 requests (DoS)

https://notcve.org/view.php?id=CVE-2009-4355

Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678. Fuga de memoria en la función zlib_stateful_finish en crypto/comp/c_zlib.c en OpenSSL v0.9.8l y anteriores, y v1.0.0 Beta a la Beta 4, permite a atacantes remoso provocar una denegación de servicio (consumo de memoria) a través de vectores que provocan llamadas incorrectas a la función CRYPTO_free_all_ex_data, como se demostró usando SSLv3 y PHP con el Apache HTTP Server, una cuestión relacionada con el CVE-2008-1678. • http://cvs.openssl.org/chngview?cn=19068 http://cvs.openssl.org/chngview?cn=19069 http://cvs.openssl.org/chngview?cn=19167 http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html http://marc.info/?l=bugtraq&m=127128920008563&w=2 http://secunia.com/advisories/38175 http://secunia.com/advisories/38181 http: • CWE-399: Resource Management Errors CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 5.8EPSS: 0%CPEs: 21EXPL: 5

CVE-2009-3555 – Mozilla NSS - NULL Character CA SSL Certificate Validation Security Bypass

https://notcve.org/view.php?id=CVE-2009-3555

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue. El protocolo TLS y el protocolo SSL v3.0 y posiblemente versiones anteriores, tal y como se usa en Microsoft Internet Information Services (IIS) v7.0, mod_ssl en el servidor HTTP Apache v2.2.14 y anteriores, OpenSSL antes de v0.9.8l, GnuTLS v2.8.5 y anteriores, Mozilla Network Security Services (NSS) v3.12.4 y anteriores, y otros productos, no asocia apropiadamente la renegociación del Handshake SSL en una conexión existente, lo que permite ataques man-in-the-middle en los que el atacante inserta datos en sesiones HTTPS, y posiblemente otro tipo de sesiones protegidas por SSL o TLS, enviando una petición de autenticación que es procesada retroactivamente por un servidor en un contexto post-renegociación. Se trata de un ataque de "inyección de texto plano", también conocido como el problema del "Proyecto Mogul". • https://www.exploit-db.com/exploits/10071 https://www.exploit-db.com/exploits/10579 http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html http://blogs.iss.net/archive/sslmitmiscsrf.html http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during http://clicky.me/tlsvuln http://extendedsubset.com/?p=8 http://extendedsubset.com/Renegotiating_TLS.pdf http://h20000.www2.hp.com/bizsuppo • CWE-295: Improper Certificate Validation CWE-300: Channel Accessible by Non-Endpoint •

CVSS: 5.0EPSS: 11%CPEs: 1EXPL: 2

CVE-2009-1379 – OpenSSL 0.9.8k/1.0.0-beta2 - DTLS Remote Memory Exhaustion Denial of Service

https://notcve.org/view.php?id=CVE-2009-1379

Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate. Vulnerabilidad de uso después de la liberación en (use-after-free) en la función dtls1_retrieve_buffered_fragment en ssl/d1_both.c en OpenSSL v1.0.0 Beta 2 permite a atacantes remotos producir una denegación de servicio (caída de openssl s_client) a posiblemente tenga un impacto sin especificar a través de un paquete DTLS, como se demostró mediante un paquete de un servidor que utiliza un certificado de servidor manipulado. • https://www.exploit-db.com/exploits/8720 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-009.txt.asc http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444 http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html http://lists.vmware.com/pipermail/security-announce/2010/000082.html http://rt.openssl.org/Ticket/Display.html?id=1923&user=guest&pass=guest http://secunia.com/advisories/35416 http://secunia.com/advisories/35461 http: • CWE-399: Resource Management Errors CWE-416: Use After Free •

CVSS: 4.9EPSS: 0%CPEs: 4EXPL: 0

CVE-2007-5536

https://notcve.org/view.php?id=CVE-2007-5536

Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors. Vulnerabilidad sin especificar en el OpenSSL anterior al A.00.09.07l en el HP-UX B.11.11, B.11.23 y B.11.31 permite a usuarios locales provocar una denegación de servicio a través de vectores sin especificar. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01203958 http://osvdb.org/37894 http://secunia.com/advisories/27265 http://www.securityfocus.com/bid/26093 http://www.vupen.com/english/advisories/2007/3526 https://exchange.xforce.ibmcloud.com/vulnerabilities/37231 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5871 •