CVE-2015-0287 – openssl: ASN.1 structure reuse memory corruption
https://notcve.org/view.php?id=CVE-2015-0287
19 Mar 2015 — The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10680 • CWE-17: DEPRECATED: Code • CWE-787: Out-of-bounds Write
CVE-2015-0286 – openssl: invalid pointer use in ASN1_TYPE_cmp()
https://notcve.org/view.php?id=CVE-2015-0286
19 Mar 2015 — The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10680 • CWE-17: DEPRECATED: Code • CWE-125: Out-of-bounds Read
CVE-2015-0293 – openssl: assertion failure in SSLv2 servers
https://notcve.org/view.php?id=CVE-2015-0293
19 Mar 2015 — The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10680 • CWE-20: Improper Input Validation • CWE-617: Reachable Assertion
CVE-2014-3571 – openssl: DTLS segmentation fault in dtls1_get_record
https://notcve.org/view.php?id=CVE-2014-3571
09 Jan 2015 — OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation for the handshake header than for the handshake body, related to the dtls1_get_record function in d1_pkt.c and the ssl3_read_n function in s3_pkt.c. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
CVE-2014-3572 – openssl: ECDH downgrade bug fix
https://notcve.org/view.php?id=CVE-2014-3572
09 Jan 2015 — The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10679 • CWE-310: Cryptographic Issues
CVE-2015-0206 – openssl: DTLS memory leak in dtls1_buffer_record
https://notcve.org/view.php?id=CVE-2015-0206
09 Jan 2015 — Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate records for the next epoch, leading to failure of replay detection. • http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147938.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-401: Missing Release of Memory after Effective Lifetime
CVE-2014-3570 – openssl: Bignum squaring may produce incorrect results
https://notcve.org/view.php?id=CVE-2014-3570
09 Jan 2015 — The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c. • https://github.com/uthrasri/CVE-2014-3570 • CWE-310: Cryptographic Issues
CVE-2015-0204 – openssl: only allow ephemeral RSA keys in export ciphersuites (FREAK)
https://notcve.org/view.php?id=CVE-2015-0204
09 Jan 2015 — The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the "FREAK" issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations. • https://github.com/AbhishekGhosh/FREAK-Attack-CVE-2015-0204-Testing-Script • CWE-310: Cryptographic Issues • CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
CVE-2015-0205 – openssl: DH client certificates accepted without verification
https://notcve.org/view.php?id=CVE-2015-0205
09 Jan 2015 — The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support. • https://github.com/saurabh2088/OpenSSL_1_0_1g_CVE-2015-0205 • CWE-310: Cryptographic Issues
CVE-2014-8275 – openssl: Fix various certificate fingerprint issues
https://notcve.org/view.php?id=CVE-2014-8275
09 Jan 2015 — OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c. • https://github.com/uthrasri/Openssl_G2.5_CVE-2014-8275 • CWE-310: Cryptographic Issues