CVE-2006-2940 – openssl public key DoS
https://notcve.org/view.php?id=CVE-2006-2940
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification. OpenSSL 0.9.7 en versiones anteriores a 0.9.7l, 0.9.8 en versiones anteriores a 0.9.8d y versiones anteriores permite a atacantes provocar una denegación de servicio (consumo de CPU) a través de claves públicas parasitarias con valores grandes de (1) "exponente público" o (2) "módulo público" en certificados X.509 que requiere tiempo extra de procesamiento cuando utiliza una verificación de firma RSA. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-007.txt.asc ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc http://docs.info.apple.com/article.html?artnum=304829 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771 http://issues.rpath.com/browse/RPL-613 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540 http://kolab.org/security/kolab-vendor • CWE-399: Resource Management Errors •
CVE-2006-3738 – openssl get_shared_ciphers overflow
https://notcve.org/view.php?id=CVE-2006-3738
Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers. Desbordamiento de búfer en la función SSL_get_shared_ciphers en OpenSSL 0.9.7 anterior a 0.9.7l, 0.9.8 anterior a 0.9.8d, y versiones anteriores tiene impacto y vectores de ataque no especificados implicando una lista de cifras larga. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-007.txt.asc ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc http://docs.info.apple.com/article.html?artnum=304829 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771 http://issues.rpath.com/browse/RPL-613 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540 http://kolab.org/security/kolab-vendor • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2006-4339 – openssl signature forgery
https://notcve.org/view.php?id=CVE-2006-4339
OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. OpenSSL en versiones anteriores a 0.9.7, 0.9.7 en versiones anteriores a 0.9.7k y 0.9.8 en versiones anteriores a 0.9.8c, cuando usa una clave RSA con exponente 3, elimina relleno PKCS-1 antes de generar un hash, lo que permite a atacantes remotos falsificar una firma PKCS #1 v1.5 que está firmada por dicha clave RSA e impide a OpenSSL verificar correctamente los certificados X.509 y otros que utilizan PKCS #1. • ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc http://dev2dev.bea.com/pub/advisory/238 http://docs.info.apple.com/article.html?artnum=304829 http://docs.info.apple.com/article.html?artnum=307177 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771 http://itrc.hp.com/service/cki/docDisplay.do? • CWE-310: Cryptographic Issues •
CVE-2005-2969 – openssl mitm downgrade attack
https://notcve.org/view.php?id=CVE-2005-2969
The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack. • ftp://ftp.software.ibm.com/pc/pccbbs/pc_servers/dir5.10.3_docs_relnotes.pdf http://docs.info.apple.com/article.html?artnum=302847 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540 http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html http://secunia.com/advisories/17146 http://secunia.com/advisories/17151 http://secunia.com/advisories/17153 http://secunia.com/advisories/17169 http:/ •
CVE-2005-2946
https://notcve.org/view.php?id=CVE-2005-2946
The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signature. • http://www.cits.rub.de/MD5Collisions http://www.ubuntu.com/usn/usn-179-1 https://bugzilla.ubuntu.com/show_bug.cgi?id=13593 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •