CVSS: 7.5EPSS: 42%CPEs: 9EXPL: 0CVE-2013-4353 – openssl: client NULL dereference crash on malformed handshake packets
https://notcve.org/view.php?id=CVE-2013-4353
08 Jan 2014 — The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake. La función ssl3_take_mac en ssl/s3_both.c en OpenSSL 1.0.1 anterior a 1.0.1f permite a los servidores TLS remotos provocar una denegación de servicio (referencia a un puntero NULL y caída de aplicación) a través de un registro Next Protocol Negotiation modificado en... • http://git.openssl.org/gitweb/?p=openssl.git%3Ba=blob_plain%3Bf=CHANGES%3Bhb=refs/heads/OpenSSL_1_0_1-stable • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 36%CPEs: 25EXPL: 0CVE-2013-6450 – openssl: crash in DTLS renegotiation after packet loss
https://notcve.org/view.php?id=CVE-2013-6450
01 Jan 2014 — The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service (application crash) by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c. La implementación de retransmisión DTLS en OpenSSL través 0.9.8y y 1.x través 1.0.1e no mantiene adecuadamente las estruc... • http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=34628967f1e65dc8f34e000f0f5518e21afbfc7b • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 59%CPEs: 25EXPL: 0CVE-2013-6449 – openssl: crash when using TLS 1.2 caused by use of incorrect hash algorithm
https://notcve.org/view.php?id=CVE-2013-6449
23 Dec 2013 — The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service (daemon crash) via crafted traffic from a TLS 1.2 client. La función ssl_get_algorithm2 en ssl/s3_lib.c en OpenSSL anterior a v1.0.2 obtiene un cierto número de versión de una estructura de datos incorrectos, lo que permite a atacantes remotos provocar una denegación de servicio (caída del demonio) a través de tr... • http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=ca989269a2876bae79393bd54c3e72d49975fc75 • CWE-310: Cryptographic Issues •
CVSS: 5.9EPSS: 1%CPEs: 72EXPL: 1CVE-2013-0169 – SSL/TLS: CBC padding timing attack (lucky-13)
https://notcve.org/view.php?id=CVE-2013-0169
08 Feb 2013 — The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue. El protocolo TLS v1.1 y v1.2 y el protocolo DTLS v1.0 y v1.2, tal como se... • https://github.com/wearohat/lucky13 • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 56%CPEs: 4EXPL: 1CVE-2012-2686 – OpenSSL TLS 1.1 and 1.2 AES-NI Denial of Service
https://notcve.org/view.php?id=CVE-2012-2686
08 Feb 2013 — crypto/evp/e_aes_cbc_hmac_sha1.c in the AES-NI functionality in the TLS 1.1 and 1.2 implementations in OpenSSL 1.0.1 before 1.0.1d allows remote attackers to cause a denial of service (application crash) via crafted CBC data. crypto/evp/e_aes_cbc_hmac_sha1.c en la funcionalidad AES-NI en el TLS v1.1 y v1.2 en las implementaciones OpenSSL v1.0.1d antes de v1.0.1 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de los datos de CBC artesanales. Potential security v... • https://packetstorm.news/files/id/180493 • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 5%CPEs: 95EXPL: 0CVE-2013-0166 – openssl: DoS due to improper handling of OCSP response verification
https://notcve.org/view.php?id=CVE-2013-0166
08 Feb 2013 — OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key. OpenSSL antes de v0.9.8y, v1.0.0 antes de v1.0.0k y v1.0.1 antes de v1.0.1d no realizar correctamente la verificación de firmas para las respuestas OCSP, permite a atacantes remotos provocar una denegación de servicio (desreferencia puntero NUL... • http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=62e4506a7d4cec1c8e1ff687f6b220f6a62a57c7 • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 5%CPEs: 99EXPL: 0CVE-2012-2333 – openssl: record length handling integer underflow
https://notcve.org/view.php?id=CVE-2012-2333
14 May 2012 — Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted TLS packet that is not properly handled during a certain explicit IV calculation. Desbordamiento de entero en OpenSSL anteriores a v0.9.8x, v1.0.0 anteriores a v1.0.0j, y v1.0.1 anteriores a v1.0.1c, cuando TLS v1.1, TLS v1.2, o DTLS ... • http://cvs.openssl.org/chngview?cn=22538 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 6%CPEs: 91EXPL: 3CVE-2012-2110 – OpenSSL - ASN1 BIO Memory Corruption
https://notcve.org/view.php?id=CVE-2012-2110
19 Apr 2012 — The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. La función asn1_d2i_read_bio en OpenSSL antes de v0.9.8v, en v1.0.0 antes de v1.0.0i y en v1.0.1 an... • https://www.exploit-db.com/exploits/18756 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2007-5536
https://notcve.org/view.php?id=CVE-2007-5536
18 Oct 2007 — Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors. Vulnerabilidad sin especificar en el OpenSSL anterior al A.00.09.07l en el HP-UX B.11.11, B.11.23 y B.11.31 permite a usuarios locales provocar una denegación de servicio a través de vectores sin especificar. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01203958 •