
CVE-2012-0884 – openssl: CMS and PKCS#7 Bleichenbacher attack
https://notcve.org/view.php?id=CVE-2012-0884
13 Mar 2012 — The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data via a Million Message Attack (MMA) adaptive chosen ciphertext attack. La implementación de Cryptographic Message Syntax (CMS) y PKCS #7 de OpenSSL anteriores a 0.9.8u y 1.x anteriores a 1.0.0h no restringe apropiadamente un determinado uso de información posterior ("oracle ... • http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077086.html • CWE-310: Cryptographic Issues •

CVE-2006-7250 – openssl: mime_hdr_cmp NULL dereference crash
https://notcve.org/view.php?id=CVE-2006-7250
29 Feb 2012 — The mime_hdr_cmp function in crypto/asn1/asn_mime.c in OpenSSL 0.9.8t and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message. La función mime_hdr_cmp en crypto/asn1/asn_mime.c en OpenSSL v0.9.8t y anteriores permite a atacantes remotos causar una denegación de servicio (desreferencia a puntero nulo y caída de la aplicación) a través de un mensaje S/MIME modificado para tal fin. Multiple vulnerabilities have been found in... • http://cvs.openssl.org/chngview?cn=22144 • CWE-476: NULL Pointer Dereference •

CVE-2011-4354
https://notcve.org/view.php?id=CVE-2011-4354
27 Jan 2012 — crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves, which allows remote attackers to obtain the private key of a TLS server via multiple handshake attempts. crypto/bn/bn_nist.c en OpenSSL anterior a v0.9.8h en plataformas de 32 bits, como se utiliza en stunnel y otros productos, en... • http://crypto.di.uminho.pt/CACE/CT-RSA2012-openssl-src.zip • CWE-310: Cryptographic Issues •

CVE-2012-0027
https://notcve.org/view.php?id=CVE-2012-0027
06 Jan 2012 — The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service (daemon crash) via crafted data from a TLS client. El motor GOST en OpenSSL antes de v1.0.0f no controla correctamente los parámetros válidos para el cifrado de bloques GOST, lo que permite a atacantes remotos provocar una denegación de servicio (caída del demonio) a través de datos de un cliente TLS específicamente modificados. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 • CWE-399: Resource Management Errors •

CVE-2011-4619 – openssl: SGC restart DoS attack
https://notcve.org/view.php?id=CVE-2011-4619
06 Jan 2012 — The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. La implementación del servidor de criptografía SGC en OpenSSL antes de v0.9.8s y en v1.x antes de v1.0.0f no controla correctamente los reinicios de 'handshake' (apretón de manos), lo que permite a atacantes remotos provocar una denegación de servicio a través de vec... • http://aix.software.ibm.com/aix/efixes/security/openssl_advisory3.asc • CWE-399: Resource Management Errors •

CVE-2011-4108 – openssl: DTLS plaintext recovery attack
https://notcve.org/view.php?id=CVE-2011-4108
06 Jan 2012 — The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack. La implementación DTLS en OpenSSL antes de v0.9.8s y v1.x antes de v1.0.0f realiza una comprobación de MAC sólo si determinado relleno es válida, lo que facilita a los atacantes remotos a la hora de recuperar texto a través de un ataque de relleno. • http://aix.software.ibm.com/aix/efixes/security/openssl_advisory3.asc • CWE-310: Cryptographic Issues •

CVE-2011-4109 – openssl: double-free in policy checks
https://notcve.org/view.php?id=CVE-2011-4109
06 Jan 2012 — Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check. Una vulnerabilidad de doble liberación en OpenSSL v0.9.8 antes de v0.9.8s, cuando la opción X509_V_FLAG_POLICY_CHECK está activada, permite a atacantes remotos tener un impacto no especificado al provocar el fallo de un control de la política. • http://aix.software.ibm.com/aix/efixes/security/openssl_advisory3.asc • CWE-399: Resource Management Errors •

CVE-2011-4576 – openssl: uninitialized SSL 3.0 padding
https://notcve.org/view.php?id=CVE-2011-4576
06 Jan 2012 — The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer. La implementación SSL v3.0 en OpenSSL antes de v0.9.8s y v1.x antes de v1.0.0f no inicializa correctamente las estructuras de datos para el relleno de bloques de cifrado, lo que podría permitir a atacantes remotos obtener información sensible desci... • http://aix.software.ibm.com/aix/efixes/security/openssl_advisory3.asc • CWE-310: Cryptographic Issues •

CVE-2011-4577 – openssl: malformed RFC 3779 data can cause assertion failures
https://notcve.org/view.php?id=CVE-2011-4577
06 Jan 2012 — OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous System (AS) identifiers. OpenSSL antes de v0.9.8s y v1.x antes de v1.0.0f, cuando el soporte al RFC 3779 está habilitado, permite a atacantes remotos provocar una denegación de servicio (error de aserción) a través de un certificado X.509 qu... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 • CWE-399: Resource Management Errors •

CVE-2011-3210
https://notcve.org/view.php?id=CVE-2011-3210
22 Sep 2011 — The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e does not ensure thread safety during processing of handshake messages from clients, which allows remote attackers to cause a denial of service (daemon crash) via out-of-order messages that violate the TLS protocol. La efímera funcionalidad de cifrado ECDH en OpenSSL versiones v0.9.8 a v0.9.8s y v1.0.x antes de v1.0.0e no garantiza la seguridad de los subprocesos durante el procesamiento de los mensajes de 'h... • http://cvs.openssl.org/chngview?cn=21337 • CWE-399: Resource Management Errors •