CVE-2014-2900
https://notcve.org/view.php?id=CVE-2014-2900
wolfSSL CyaSSL before 2.9.4 does not properly validate X.509 certificates with unknown critical extensions, which allows man-in-the-middle attackers to spoof servers via crafted X.509 certificate. wolfSSL CyaSSL anterior a 2.9.4 no valida debidamente certificados X.509 con extensiones críticas desconocidas, lo que permite a atacantes man-in-the-middle falsificar servidores a través de certificado X.509 manipulado. • http://seclists.org/oss-sec/2014/q2/126 http://seclists.org/oss-sec/2014/q2/130 http://secunia.com/advisories/57743 http://www.securityfocus.com/bid/66780 http://www.wolfssl.com/yaSSL/Blog/Entries/2014/4/11_wolfSSL_Security_Advisory__April_9%2C_2014.html http://www.wolfssl.com/yaSSL/Docs-cyassl-changelog.html https://security.gentoo.org/glsa/201612-53 • CWE-310: Cryptographic Issues •
CVE-2014-2899
https://notcve.org/view.php?id=CVE-2014-2899
wolfSSL CyaSSL before 2.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via (1) a request for the peer certificate when a certificate parsing failure occurs or (2) a client_key_exchange message when the ephemeral key is not found. wolfSSL CyaSSL anterior a 2.9.4 permite a atacantes remotos causar una denegación de servicio (referencia a puntero nulo) a través de (1) una solicitud para el certificado de par cuando sucede un fallo de análisis sintáctico de certificado o (2) un mensaje client_key_exchange cuando la clave efímera no se encuentra. • http://seclists.org/oss-sec/2014/q2/126 http://seclists.org/oss-sec/2014/q2/130 http://secunia.com/advisories/57743 http://www.securityfocus.com/bid/66780 http://www.wolfssl.com/yaSSL/Blog/Entries/2014/4/11_wolfSSL_Security_Advisory__April_9%2C_2014.html http://www.wolfssl.com/yaSSL/Docs-cyassl-changelog.html https://security.gentoo.org/glsa/201612-53 • CWE-20: Improper Input Validation •
CVE-2013-1623
https://notcve.org/view.php?id=CVE-2013-1623
The TLS and DTLS implementations in wolfSSL CyaSSL before 2.5.0 do not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169. Las implementaciones de TLS y DTLS de wolfSSL CyaSSL antes de v2.5.0 no cosnidera el tiempo de canal lateral ataques a una operación de comprobación de incumplimiento de MAC durante el proceso de relleno CBC malformado, lo que permite a atacantes remotos para realizar ataques distintivos y los ataques de recuperación de texto plano-a través de estadística análisis de los datos de tiempo de los paquetes hechos a mano, una cuestión relacionada con CVE-2013-0169. • http://openwall.com/lists/oss-security/2013/02/05/24 http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.isg.rhul.ac.uk/tls/TLStiming.pdf http://www.yassl.com/yaSSL/Blog/Entries/2013/2/5_WolfSSL%2C_provider_of_CyaSSL_Embedded_SSL%2C_releases_first_embedded_TLS_and_DTLS_protocol_fix_for_Lucky_Thirteen_Attack.html • CWE-310: Cryptographic Issues •
CVE-2012-1558
https://notcve.org/view.php?id=CVE-2012-1558
yaSSL CyaSSL before 2.0.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted X.509 certificate. yaSSL CyaSSL anteriores a 2.0.8 permite a atacantes remotos provocar una denegación de servicio (resolución de puntero NULL y caída de la aplicación) a través de un certificado X.509 modificado. • http://secunia.com/advisories/48634 http://www.securityfocus.com/bid/52828 http://www.yassl.com/yaSSL/Docs-cyassl-changelog.html https://exchange.xforce.ibmcloud.com/vulnerabilities/74095 • CWE-399: Resource Management Errors •
CVE-2011-2900 – Simple HTTPd 1.42 - Denial of Servive
https://notcve.org/view.php?id=CVE-2011-2900
Stack-based buffer overflow in the (1) put_dir function in mongoose.c in Mongoose 3.0, (2) put_dir function in yasslEWS.c in yaSSL Embedded Web Server (yasslEWS) 0.2, and (3) _shttpd_put_dir function in io_dir.c in Simple HTTPD (shttpd) 1.42 allows remote attackers to execute arbitrary code via an HTTP PUT request, as exploited in the wild in 2011. Desbordamiento de buffer de pila en (1) la función put_dir de mongoose.c de Mongoose 3.0, (2) la función put_dir de yasslEWS.c de yaSSL Embedded Web Server (yasslEWS) 0.2 y (3) la función _shttpd_put_dir de io_dir.c de Simple HTTPD (shttpd) 1.42. Permite a atacantes remotos ejecutar código arbitrario a través de una petición HTTP PUT, como se ha demostrado en ataques en el 2011. • https://www.exploit-db.com/exploits/17658 https://www.exploit-db.com/exploits/17669 http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065273.html http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065505.html http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065537.html http://secunia.com/advisories/45464 http://secunia.com/advisories/45902 http://securityreason.com/securityalert/8337 http://www.openwall.com/lists/oss-security/2011/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •