CVE-2008-1672
https://notcve.org/view.php?id=CVE-2008-1672
OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of service (crash) via a TLS handshake that omits the Server Key Exchange message and uses "particular cipher suites," which triggers a NULL pointer dereference. OpenSSL 0.9.8f y 0.9.8g permite a atacantes remotos provocar una denegación de servicio (caída) mediante una negociación TLS que omite el Server Key Excahnge y usa "particular cipher suites." • http://cert.fi/haavoittuvuudet/2008/advisory-openssl.html http://secunia.com/advisories/30405 http://secunia.com/advisories/30460 http://secunia.com/advisories/30825 http://secunia.com/advisories/30852 http://secunia.com/advisories/30868 http://secunia.com/advisories/31228 http://secunia.com/advisories/31288 http://security.gentoo.org/glsa/glsa-200806-08.xml http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.562004 http://sourceforge.net/project • CWE-476: NULL Pointer Dereference •
CVE-2008-0166 – OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - Predictable PRNG Brute Force SSH
https://notcve.org/view.php?id=CVE-2008-0166
OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys. OpenSSL versión 0.9.8c-1 hasta versiones anteriores a 0.9.8g-9, sobre sistemas operativos basados en Debian usa un generador de números aleatorios que genera números predecibles, lo que facilita a atacantes remotos la conducción de ataques de adivinación por fuerza bruta contra claves criptográficas. • https://www.exploit-db.com/exploits/5622 https://www.exploit-db.com/exploits/5720 https://www.exploit-db.com/exploits/5632 https://github.com/demining/Vulnerable-to-Debian-OpenSSL-bug-CVE-2008-0166 http://metasploit.com/users/hdm/tools/debian-openssl http://secunia.com/advisories/30136 http://secunia.com/advisories/30220 http://secunia.com/advisories/30221 http://secunia.com/advisories/30231 http://secunia.com/advisories/30239 http://secunia.com/advisories/30249 http:/ • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •
CVE-2007-5536
https://notcve.org/view.php?id=CVE-2007-5536
Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors. Vulnerabilidad sin especificar en el OpenSSL anterior al A.00.09.07l en el HP-UX B.11.11, B.11.23 y B.11.31 permite a usuarios locales provocar una denegación de servicio a través de vectores sin especificar. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01203958 http://osvdb.org/37894 http://secunia.com/advisories/27265 http://www.securityfocus.com/bid/26093 http://www.vupen.com/english/advisories/2007/3526 https://exchange.xforce.ibmcloud.com/vulnerabilities/37231 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5871 •
CVE-2007-4995 – openssl dtls out of order vulnerabilitiy
https://notcve.org/view.php?id=CVE-2007-4995
Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors. Un error por un paso en la implementación de DTLS en OpenSSL versiones 0.9.8 anteriores a 0.9.8f, permite a atacantes remotos ejecutar código arbitrario por medio de vectores no especificados. • http://bugs.gentoo.org/show_bug.cgi?id=195634 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01299773 http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html http://secunia.com/advisories/25878 http://secunia.com/advisories/27205 http://secunia.com/advisories/27217 http://secunia.com/advisories/27271 http://secunia.com/advisories/27363 http://secunia.com/advisories/27434 http://secunia.com/advisories/27933 http://secunia.com/advisories/280 • CWE-189: Numeric Errors •
CVE-2007-5135 – openssl: SSL_get_shared_ciphers() off-by-one
https://notcve.org/view.php?id=CVE-2007-5135
Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738. As of 20071012, it is unknown whether code execution is possible. Un error por un paso en la función SSL_get_shared_ciphers en OpenSSL versiones 0.9.7 hasta 0.9.7l, y versiones 0.9.8 hasta 0.9.8f, podría permitir a atacantes remotos ejecutar código arbitrario por medio de un paquete diseñado que desencadena un subdesbordamiento de búfer de un byte. NOTA: este problema fue introducido como resultado de una corrección para CVE-2006-3738. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-007.txt.asc http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html http://lists.vmware.com/pipermail/security-announce/2008/000002.html http://secunia.com/advisories/22130 http://secunia.com/advisories/27012 http://secunia.com/advisories/27021 http://secunia.com/advisories/27031 http://secunia.com/advisories/27051 http://s • CWE-189: Numeric Errors CWE-193: Off-by-one Error •