Page 8 of 118 results (0.035 seconds)

CVSS: 5.0EPSS: 0%CPEs: 26EXPL: 0

The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message. La función ssl3_get_key_exchange function en s3_clnt.c en OpenSSL en versiones anteriores a 0.9.8zd, 1.0.0 en versiones anteriores a 1.0.0p y 1.0.1 en versiones anteriores a 1.0.1k permite a servidores SSL remotos llevar a cabo ataques de desactualización ECDHE-to-ECDH y desencadenar una pérdida de confidencialidad directa omitiendo los mensajes ServerKeyExchange. It was discovered that OpenSSL would perform an ECDH key exchange with a non-ephemeral key even when the ephemeral ECDH cipher suite was selected. A malicious server could make a TLS/SSL client using OpenSSL use a weaker key exchange method than the one requested by the user. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10679 http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.h • CWE-310: Cryptographic Issues •

CVSS: 7.1EPSS: 90%CPEs: 34EXPL: 0

Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an integrity-check failure. Fuga de memoria en la función tls_decrypt_ticket en t1_lib.c en OpenSSL anterior a 0.9.8zc, 1.0.0 anterior a 1.0.0o, y 1.0.1 anterior a 1.0.1j permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de un ticket de sesión manipulado que provoca un fallo en la comprobación de integridad. A memory leak flaw was found in the way an OpenSSL handled failed session ticket integrity checks. A remote attacker could exhaust all available memory of an SSL/TLS or DTLS server by sending a large number of invalid session tickets to that server. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc http://advisories.mageia.org/MGASA-2014-0416.html http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html http& • CWE-20: Improper Input Validation CWE-399: Resource Management Errors CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 4.3EPSS: 0%CPEs: 34EXPL: 0

OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c. OpenSSL anterior a 0.9.8zc, 1.0.0 anterior a 1.0.0o, y 1.0.1 anterior a 1.0.1j no fuerza correctamente la opción build no-ssl3, lo que permite a atacantes remotos evadir las restricciones de acceso a través de una negociación SSL 3.0, relacionado con s23_clnt.c y s23_srvr.c. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html http://lists.opensuse.org/opensuse-security-announce/20 • CWE-310: Cryptographic Issues •

CVSS: 5.0EPSS: 97%CPEs: 147EXPL: 1

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. El protocolo SSL 3.0, utilizado en OpenSSL hasta 1.0.1i y otros productos, utiliza relleno (padding) CBC no determinístico, lo que facilita a los atacantes man-in-the-middle obtener datos de texto plano a través de un ataque de relleno (padding) oracle, también conocido como el problema "POODLE". A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. • https://github.com/mikesplain/CVE-2014-3566-poodle-cookbook ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc http://advisories.mageia.org/MGASA-2014-0416.html http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566 http& • CWE-310: Cryptographic Issues CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') •

CVSS: 4.3EPSS: 0%CPEs: 59EXPL: 0

The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters, which allows context-dependent attackers to obtain sensitive information from process stack memory by reading output from X509_name_oneline, X509_name_print_ex, and unspecified other functions. La función OBJ_obj2txt en crypto/objects/obj_dat.c en OpenSSL 0.9.8 anterior a 0.9.8zb, 1.0.0 anterior a 1.0.0n, y 1.0.1 anterior a 1.0.1i, cuando 'pretty printing' está utilizado, no asegura la presencia de caracteres '\0', lo que permite a atacantes dependientes de contexto obtener información sensible de la memoria en pila del proceso mediante la lectura de salidas de X509_name_oneline, X509_name_print_ex, y otras funciones no especificadas. It was discovered that the OBJ_obj2txt() function could fail to properly NUL-terminate its output. This could possibly cause an application using OpenSSL functions to format fields of X.509 certificates to disclose portions of its memory. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc http://linux.oracle.com/errata/ELSA-2014-1052.html http://linux.oracle.com/errata/ELSA-2014-1053.html http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html http:/& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •