CVSS: 5.8EPSS: 0%CPEs: 59EXPL: 0CVE-2008-5077 – OpenSSL Incorrect checks for malformed signatures
https://notcve.org/view.php?id=CVE-2008-5077
OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys. OpenSSL 0.9.8i y versiones anteriores no comprueba correctamente el valor de retorno de la función EVP_VerifyFinal, lo que permite a atacantes remotos evitar la validación de la cadena del certificado a través de una firma SSL/TLS mal formada para las claves DSA y ECDSA. • http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html http://marc.info/?l=bugtraq&m=123859864430555&w=2 http://marc.info/?l=bugtraq&m=124277349419254&w=2 http://marc.info/?l=bugtraq&m=127678688104458&w=2 http://secunia.com/advisories/33338 http://secunia.com/advisories/33394 http://secunia.com/advisories/33436&# • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 14%CPEs: 3EXPL: 2CVE-2008-1678 – httpd: mod_ssl per-connection memory leak for connections with zlib compression
https://notcve.org/view.php?id=CVE-2008-1678
Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server mod_ssl that specify a compression algorithm. Fuga de memoria en la Función zlib_stateful_init en crypto/comp/c_zlib.c en libssl en OpenSSL v0.9.8f a la 0.9.8h, permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de múltiples llamadas, como se ha demostrado mediante una negociación cliente SSL inicial al servidor HTTP Apache (mod_ssl) que especifica un algoritmo de compresión. • http://bugs.gentoo.org/show_bug.cgi?id=222643 http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html http://marc.info/?l=openssl-dev&m=121060672602371&w=2 http://secunia.com/advisories/31026 http://secunia.com/advisories/31416 http://secunia.com/advisories/32222 http://secunia.com/advisories/34219 http://secunia.com/advisories/35264 http://secunia.com/advisories/38761 http://secun • CWE-399: Resource Management Errors CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 4.3EPSS: 5%CPEs: 3EXPL: 0CVE-2008-1672
https://notcve.org/view.php?id=CVE-2008-1672
OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of service (crash) via a TLS handshake that omits the Server Key Exchange message and uses "particular cipher suites," which triggers a NULL pointer dereference. OpenSSL 0.9.8f y 0.9.8g permite a atacantes remotos provocar una denegación de servicio (caída) mediante una negociación TLS que omite el Server Key Excahnge y usa "particular cipher suites." • http://cert.fi/haavoittuvuudet/2008/advisory-openssl.html http://secunia.com/advisories/30405 http://secunia.com/advisories/30460 http://secunia.com/advisories/30825 http://secunia.com/advisories/30852 http://secunia.com/advisories/30868 http://secunia.com/advisories/31228 http://secunia.com/advisories/31288 http://security.gentoo.org/glsa/glsa-200806-08.xml http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.562004 http://sourceforge.net/project • CWE-476: NULL Pointer Dereference •
CVSS: 4.3EPSS: 13%CPEs: 2EXPL: 0CVE-2008-0891
https://notcve.org/view.php?id=CVE-2008-0891
Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet. NOTE: some of these details are obtained from third party information. Vulnerabilidad de doble liberación en OpenSSL 0.9.8f y 0.9.8g, cuando las extensiones de nombre de servidor TLS están habilitadas, permite a atacantes remotos provocar una denegación de servicio (caída) a través de un paquete manipulado. NOTA: Algunos de estos detalles se han obtenido de fuentes de terceros. • http://cert.fi/haavoittuvuudet/2008/advisory-openssl.html http://secunia.com/advisories/30405 http://secunia.com/advisories/30460 http://secunia.com/advisories/30825 http://secunia.com/advisories/30852 http://secunia.com/advisories/30868 http://secunia.com/advisories/31228 http://secunia.com/advisories/31288 http://security.gentoo.org/glsa/glsa-200806-08.xml http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.562004 http://sourceforge.net/project • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 9%CPEs: 6EXPL: 5CVE-2008-0166 – OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - Predictable PRNG Brute Force SSH
https://notcve.org/view.php?id=CVE-2008-0166
OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys. OpenSSL versión 0.9.8c-1 hasta versiones anteriores a 0.9.8g-9, sobre sistemas operativos basados en Debian usa un generador de números aleatorios que genera números predecibles, lo que facilita a atacantes remotos la conducción de ataques de adivinación por fuerza bruta contra claves criptográficas. • https://www.exploit-db.com/exploits/5622 https://www.exploit-db.com/exploits/5720 https://www.exploit-db.com/exploits/5632 https://github.com/demining/Vulnerable-to-Debian-OpenSSL-bug-CVE-2008-0166 http://metasploit.com/users/hdm/tools/debian-openssl http://secunia.com/advisories/30136 http://secunia.com/advisories/30220 http://secunia.com/advisories/30221 http://secunia.com/advisories/30231 http://secunia.com/advisories/30239 http://secunia.com/advisories/30249 http:/ • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •