A remote attacker could execute arbitrary commands, cause a buffer
overflow, bypass security or
create a denial of service.
OpenSSL is an open-source
implementation of the Secure Socket Layer (SSL) and
Transport Layer Security (TLS) protocols including an
all-purpose cryptography library. It is commonly used by
Apache web server
modules such as mod_ssl
to implement secure web sessions.
ChangeCipherSpec DTLS Packet Denial of Service Vulnerability
OpenSSL before 0.9.8i is prone to a denial-of-service vulnerability caused by a NULL-pointer dereference condition.
An attacker can exploit this issue to crash the affected application, denying service to legitimate users.
dtls1_retrieve_buffered_fragment() DTLS Packet Denial of Service Vulnerability
OpenSSL before 1.0.0 Beta 2 is prone to a vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c,
that may allow attackers to cause denial-of-service conditions.
DTLS Packets Multiple Denial of Service Vulnerabilities
OpenSSL 0.9.8k and prior are prone to multiple vulnerabilities that may allow attackers to cause denial-of-service conditions.
Multiple vulnerabilities fixed in OpenSSL 0.9.8k
OpenSSL before 0.9.8k is prone to multiple vulnerabilities that may allow attackers to trigger denial-of-service conditions
or bypass certain security checks.
One byte buffer overflow in the SSL_get_shared_ciphers function
OpenSSL versions 0.9.7l, 0.9.8d, and 0.9.8e have a one-byte buffer overflow caused by the fix
for CVE 2006-3738 to the SSL_get_shared_ciphers vulnerability.
Multiple vulnerabilities fixed by OpenSSL 0.9.7l/0.9.8d
OpenSSL versions 0.9.7l and 0.9.8d fixed multiple
vulnerabilities, including two denial-of-service
vulnerabilities in parsing ASN.1 data, a buffer overflow
in the SSL_get_shared_ciphers function,
and a client denial of service when OpenSSL is used
to created an SSLv2 connection.
RSA signature forgery for exponent 3
OpenSSL when using an RSA key with exponent 3, removes PKCS-1 padding
before generating a hash. This allows remote attackers to forge
a PKCS #1 v1.5 signature. Versions before 0.9.7, 0.9.7 before 0.9.7k
and 0.9.8 before 0.9.8c are vulnerable.
Potential SSL 2.0 Rollback
OpenSSL versions prior to 0.9.7h and 0.9.8a have a vulnerability
if the SSL_OP_MSIE_SSLV2_RSA_PADDING option is set. This option
is set by the SSL_OP_ALL option , which is intended to work around various bugs in
third-party software that might prevent interoperability.
In the event that this option is set, the verification steps
necessary to prevent the use of SSL 2.0 can be disabled. The SSL
2.0 protocol is known to have severe cryptographic weaknesses
and is supported only as a fallback.
The ChangeCipherSpec DTLS Packet Denial of Service vulnerability was reported in
[http://www.securityfocus.com/bid/35174/] Bugtraq ID 35174.
The dtls1_retrieve_buffered_fragment() DTLS Packet Denial of Service vulnerability was reported in
[http://www.securityfocus.com/bid/35138/] Bugtraq ID 35138.
The DTLS Packets multiple Denial of Service vulnerabilities were reported in
[http://www.securityfocus.com/bid/35001/] Bugtraq ID 35001.
The multiple vulnerabilities fixed in OpenSSL 0.9.8k were reported in
[http://www.securityfocus.com/bid/34256/] Bugtraq ID 34256.
The one byte buffer overflow in the SSL_get_shared_ciphers function was reported in
[http://secunia.com/advisories/22130/] Secunia Advisory SA22130.
The vulnerabilities corrected by OpenSSL 0.9.7l and 0.9.8d were
reported in an
[http://www.openssl.org/news/secadv_20060928.txt] OpenSSL security advisory.
The RSA signature forgery for exponent 3 vulnerability was reported
[http://www.openssl.org/news/secadv_20060905.txt] OpenSSL security advisory. Additional information on the vulnerability can be
found at [http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html] ietf-openpgp msg14307.
The Potential SSL 2.0 Rollback vulnerability was reported in an
[http://www.openssl.org/news/secadv_20051011.txt] OpenSSL security advisory.
Low Attack Complexity, Complete Confidentiality Impact, Complete Integrity Impact, Complete Availability Impact