Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

Ubuntu: OpenSSL vulnerabilities

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) Ubuntu: OpenSSL vulnerabilities
# 1  
Old 06-26-2008
Ubuntu: OpenSSL vulnerabilities
LinuxSecurity.com: It was discovered that OpenSSL was vulnerable to a double-free when using TLS server extensions. A remote attacker could send a crafted packet and cause a denial of service via application crash in applications linked against OpenSSL. Ubuntu 8.04 LTS does not compile TLS server extensions by default. (CVE-2008-0891) It was discovered that OpenSSL could dereference a NULL pointer. If a user or automated system were tricked into connecting to a malicious server with particular cipher suites, a remote attacker could cause a denial of service via application crash. (CVE-2008-1672)

More...
Login or Register to Ask a Question

Previous Thread | Next Thread

2 More Discussions You Might Find Interesting

1. Red Hat

Openssl vulnerabilities

Hi there, The following openssl package are installed on the machine (openssl-1.0.0-27.el6_4.2.x86_64). It isn't the last version but I need to known if this content Vulnerabilities... How to check that on RedHat? Could you please tell me how to find this information?? Thankx (3 Replies)
Discussion started by: hiero_nymus
3 Replies

2. Solaris

Solaris v Ubuntu using OpenSSL paste problem

Hello, I hope this means something to someone. I have an odd problem that just started happening recently. I am not the system admin, so I don't have full info on any changes to the system lately. Except that I did upgrade OpenSSL to version 1.0.1.c from 1.0.0j. Anyway, I am trying to... (4 Replies)
Discussion started by: jonycp
4 Replies
Login or Register to Ask a Question